Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-1168: DirectControl and DirectAuthorize compatibility with domain and forest functional levels

Centrify DirectControl ,  

31 July,17 at 09:13 AM

What domain and forest functional levels are DirectControl and DirectAuthorize compatible with?

Please see the table below:
DFL/FFL LevelDirectControlDirectAuthorizeComments 
Windows 2000NoNoNo longer supported by Centrify
Windows 2003NoNoNo longer supported by Centrify
Windows 2003 R2YesYesMinimum supported DFL/FFL Level (Support will be ended in Centrify Suite 2017.3)
Windows 2008 R2YesYesSupported as of
Centrify DirectControl 4.2.0
Windows 2008 Read-Only Domain Controllers (RODC)YesYesSupported as of
Centrify DirectControl 5.1.0
(Server Suite 2013)
Windows 2012YesYesSupported as of
Centrify DirectControl 5.1.0 
(Server Suite 2013)
Windows 2012 R2YesYesSupported as of Centrify DirectControl 5.1.3 
(Server Suite 2014)
DC running Windows 2012 OS or above at Windows 2008 R2 FFL/DFLYesYesEnsure DirectControl 5.2.1 or above is used to address issue with SID compression enabled by default on Windows 2012 R2
*Kerberos Armoring support requires DirectControl 5.4.0 (Centrify Suite 2017) or above
Windows 2016YesYesSupported as of  
Centrify DirectControl 5.4.0 (Server Suite 2017)
For further information on Supported Platforms with Centrify, please see our Supported Platforms Page

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.