[Samba] Raise Domain Level, Forest Level and Schema for Bitlocker integration
james.atwell365 at gmail.com
james.atwell365 at gmail.com
Wed Mar 20 18:25:31 UTC 2024
> -----Original Message-----
> From: samba <samba-bounces at lists.samba.org> On Behalf Of Paul Littlefield
> via samba
> Sent: Wednesday, March 20, 2024 1:14 PM
> To: samba at lists.samba.org
> Subject: Re: [Samba] Raise Domain Level, Forest Level and Schema for
Bitlocker
> integration
>
> On 18/03/2024 15:44, Paul Littlefield via samba wrote:
> >
> > I would like to add BitLocker integration to the three DCs we have
running
> 4.15.13 on Ubuntu 22.04 LTS.
> >
> > The DC has been around a while and is currently on Schema version 47 and
> Domain level 2008_R2.
> >
> > Can I confirm that the procedure to upgrade the three DCs is as
follows:-
> >
> > 1) backup
> > 2) upgrade domain and forest to latest 2012_R2
> > 3) upgrade the schema to latest 2012_R2
> >
> > Also, in what order of DCs should I perform these changes?
> >
> > DC5 (FSMO Role)
> > DC6
> > DC7
>
> Did anyone have a comment on this please?
>
> --
>
> Paul Littlefield
Paul,
>From my experience I recommend you read the 4.19.0 release notes for
instructions on raising the domain and functional levels to 2012. It's what
I used recently without issue. Basically, your steps are what you will do.
If only one DC holds all the FSMO roles, I recommend you perform the upgrade
on that server last.
After the upgrade you may notice objects that can't be resolved to its SID.
This appears to be related to Samba not fully supporting 2012 or 2016.
Rowland confirmed this for me when I posed the question on the list.
More information about the samba
mailing list