[Announce] Samba 4.11.0rc1 Available for Download
garming at catalyst.net.nz
Wed Jul 17 04:50:34 UTC 2019
I've been spending some time untangling what it actually means to be
compatible with 2012 R2. I've been writing a wiki page this week because
there is hardly any information about this:
I'm still working on adding some more detail, but I should be done in
the next few days.
Really one of the complications in saying what we're compatible with is
certain features which we do or do not implement. From an AD perspective
in terms of functional level, we're about 2008 R2, but there's still
things we're missing from that like managed service accounts (MSA),
recycling bin, trusts, DFSR etc. Functional levels in MS-AD are normally
in lock-step and version the entire directory, so we're basically our
In terms of FSMO roles, I expect we handle the RID master role
adequately, the schema master to a reasonable extent and likely most
2008 R2 (functional level) relevant parts for the PDC. As long as the
domain is at 2008 R2 functional level, it shouldn't matter what versions
of Windows are interacting with it. However, partition creation in Samba
for domain naming master doesn't work properly and so there shouldn't be
any code for that and infrastructure master concerns multi-domain
forests which we have only partial support for (and we haven't sorted
out recycling bin which also appears affected). Leaving these roles to
Samba even on a 2008 R2-only domain, with trusts, is unlikely to work as
Joining a 2012 R2 Windows DC to Samba without too much hassle is now
supposed to work for the first time (although I just found a new
regression, see https://bugzilla.samba.org/show_bug.cgi?id=14029).
Although we've updated the schema version defaults, we haven't updated
the preparation version defaults which are also still required (and
still needs more testing at this point).
On 16/07/19 9:38 AM, Harry Duncan via samba-technical wrote:
> On Tue Jul 9 10:20:44 UTC 2019, Karolin Seeger wrote:
>> Release Announcements
>> This is the first release candidate of Samba 4.11. This is *not*
>> intended for production environments and is designed for testing
>> purposes only. Please report any defects via the Samba bug reporting
>> system at https://bugzilla.samba.org/.
>> Samba 4.11 will be the next version of the Samba suite.
>> Default schema updated to 2012_R2
>> Default AD schema changed from 2008_R2 to 2012_R2. 2012_R2 functional level
>> is not yet available. Older schemas can be used by provisioning with the
>> '--base-schema' argument. Existing installations can be updated with the
>> samba-tool command "domain schemaupgrade".
>> Samba's replication code has also been improved to handle replication
>> with the 2012 schema (the core of this replication fix has also been
>> backported to 4.9.11 and will be in a 4.10.x release).
> I would like to dedicate some resources to testing this, would I be
> right in saying that because only the schema is supported and not the
> functional level, that I should be able to put a windows 2012 R2
> server as a domain controller with the schema master FSMO role, that I
> can add Samba 4.11.0rc1 to that domain and have it function with its
> reduced subset for rudimentary functions that are already supported?
> If so, are there any FSMO roles that Samba can hold, like domain
> naming, or must all the roles be mastered by a windows host?
> Any particular features you would like us to test in tandem with the
> funciionality that we will be testing for our future use when this is
> production released?
More information about the samba-technical