[Samba] Anyone Pls? Domain function levels, etc

Christopher Welsh cpwe at deakin.edu.au
Sun Jan 2 19:57:32 GMT 2005 

Andrew,

Thanks for your reply.

I've been a little confused, as I have been finding conflicting info on 
the net.

For example. An extract from this article - 
http://www.thechannelinsider.com/article2/0,1759,1647348,00.asp:

Quote
You can run Samba 3 with an AD server running native mode. In this mode, 
you can run Samba 3, W2K (Windows 2000) server and Server 2003. You 
cannot, however, run Samba 3 in Server 2003 mode, a superset of native 
mode, which requires that all servers be running Server 2003.

End Quote


Your thoughts?


Andrew Bartlett wrote:

>On Sat, 2005-01-01 at 21:24 +1100, Christopher Peter Welsh wrote:
>  
>
>>Hi, 
>> 
>>I have resent this, as I have had no replies so far.  
>> 
>>I'm gonna have to be putting a good argument to my ICT team against going to 
>>2003 in 2003 server mode ( I think thats what they call the highest mode for 
>>2003 server) to keep samba at our school. I like what windows 2003 has to 
>>offer, but do not want to lock samba out forever. 
>>I know samba will work at lower mode. And that's what I'm pushing. 
>> 
>>Can people chip in with some arguments and advice. 
>> 
>>What is the highest 2003 mode (forest and domain) that we can go to and still 
>>have samba function as a member file server? 
>>    
>>
>
>I don't know of any limits, so long as Samba is configured correctly.
>
>  
>
>>Is there really better security in that higher 2003 mode? What in particular? 
>>    
>>
>
>There are many things broken security wise in NT, and the compatability
>interfaces with it (mostly regarding anonymous access).
>
>  
>
>>Will winbind (ADS and kerb mode) break? As we use it for squid auth, etc. 
>>    
>>
>
>I don't think so, but you really should be doing your own functional
>testing, on a test network.
> 
>  
>
>>How long before SAMBA can work at the highest level with 2003? 
>>    
>>
>
>I don't know of any outstanding issues, but I'll need much more detail
>on individual problems.
>
>  
>
>>I'm feeling that MS have provided some functional incentives to go with the 
>>highest mode. Can someone suggest some ways to take the hype out this higher 
>>level? I know from my reading, that once we make that jump, there is no 
>>turning back 
>>    
>>
>
>By slowly moving away from the NT domain modal, MS allows themselves to
>do some interesting and better things.  
>
>Andrew Bartlett
>
>  
>

More information about the samba mailing list