[Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

Jonathan Buzzard jonathan at buzzard.me.uk
Tue Oct 1 04:07:24 MDT 2013

     A. On Sat, 2013-09-28 at 15:49 +0100, Rowland Penny wrote:


> If you do a google search for 'uidNumber' for instance, you will find 
> this webpage: 
> http://msdn.microsoft.com/en-us/library/windows/desktop/ms680511%28v=vs.85%29.aspx
> This plainly shows that the earliest windows server that had 'uidNumber' 
> was 2003R2 so as 'uidNumber' is in Samba4, samba4 function level should 
> be 2003R2, but Samba4 seems to be using the 2008 schema (at least that 
> is the only one that comes with samba 4) so should the function level be 
> 2008?

Wrong, the uidNumber etc. where available in Server 2003 (and Server 200
for that matter) however it was an *optional* schema extension. I know I
was working somewhere at the time where the AD admins where like many AD
admins very reluctant to extend the schema.

In the upgrade to 2003R2 the schema extension was made mandatory. That
is you upgraded your domain controllers to 2003R2 and the rfc2307 schema
extension was applied to your AD whether you liked it or not.

Very useful as the biggest hurdle into getting rfc2307 working on an AD
was often getting the AD admins to agree to the schema extension. Once
it's there getting it populated was much easier.


Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.

More information about the samba mailing list