VMware vCenter Server 7.0 Deprecate IWA

For those who ain't aware that in the release of vSphere 7.0, support for Integrated Windows Authentication (IWA) will be deprecated. This has been published in this KB.

The existing method of AD over LDAP, OpenLDAP will still works or the new feature in 7.0, AD Federated Identity (AD FS). Check out this article.

To be honest, I would recommend to use AD FS if you are using a windows environment since this will prevent vSphere from talking directly to AD. Which in a way much safer and its a session based on the token method via OAUTH2 and OIDC protocol than to have user name and password been exposed.

You can refer to the documentation on how to setup AD FS for vCenter Server here and also check out this TAM LAB video.

With the support of AD FS, this will allow MFA to be implemented. However, this is still limited as due to the number of support on AD FS.


Popular posts from this blog

Why VMware or Why Not after Broadcom?

VMware vExpert 2025 Applications Starts Now!

VMware Certifications Updates