question

Chong-7118 avatar image
0 Votes"
Chong-7118 asked DaisyZhou-MSFT answered

Windows server and functional level compatibility list

Hi Support,

Do Microsoft have any official documents that list out different Windows Server version support which protocol (SMB, LDAP, TLS, etc)?
How about domain/forest functional level?

I found these documents but seems they cannot proved that new windows version supported all protocol that same as old windows version:

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels
https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-
https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3


Best Regards
Chong

windows-serverwindows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DaisyZhou-MSFT avatar image
0 Votes"
DaisyZhou-MSFT answered

Hello @Chong-7118,

Thank you for posting here.

Q: Do Microsoft have any official documents that list out different Windows Server version support which protocol (SMB, LDAP, TLS, etc)?
A: I think the official documents you mentioned are helpful.

The first link applies to: Windows Server

The second link applies to: Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

The third link applies to: Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012


For LDAP protocol, I did not find any official document. And I only find the following link for your reference.

Differences between LDAP 2 and LDAP 3
https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ldap/differences-between-ldap-2-and-ldap-3


For Windows server Domain Controllers, maybe different Windows servers have different default NTLM authentication level.

For more information about NTLM authentication level, please refer to link below.

Network security: LAN Manager authentication level
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level



Hope the information above is helpful.

Should you have any question or concern, please feel free to let us know.


Best Regards,
Daisy Zhou

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

LeonLaude avatar image
0 Votes"
LeonLaude answered

Hi @Chong-7118,

The documentations that you've found are more or less the correct ones and the currently up-to-date ones, these will be updated whenever a new operating system is released.

LDAP
https://support.microsoft.com/en-us/topic/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows-ef185fb8-00f7-167d-744c-f299a66fc00a

Forest and Domain Functional Levels
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

Protocols in TLS/SSL (Schannel SSP)
https://docs.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-

SMB
https://docs.microsoft.com/en-us/windows-server/storage/file-server/file-server-smb-overview


If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!


Best regards,
Leon

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.