[Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

Rowland Penny rowlandpenny at googlemail.com
Tue Oct 1 05:44:38 MDT 2013

On 01/10/13 12:34, Jonathan Buzzard wrote:
> On Tue, 2013-10-01 at 11:27 +0100, Rowland Penny wrote:
> [SNIP]
>> Wrong, the first windows server that had 'uidNumber' as standard was
>> 2003R2 .
> That is what I said. However there where lots of 2003 and even 2000
> servers that had uidNumbers in their schema. What you cannot do is
> conclude because your AD has a uidNumber field that it is operating at
> 2003R2 or later. That is fundamentally flawed logic.
>> So, if it was first installed 'de-facto' in 2003R2 and Samba 4 has it as
>> standard, then samba4 should be 'level 2003R2', but then again it seems
>> to be using the 2008 schema (at least that is the earliest I can find in
>> /usr/local/samba/share/setup/
> Like I said flawed logic, because plenty of 2003 and 2000 servers had
> uidNumbers in their schema. What is important is not what the schema is,
> but what on the wire protocol version that your AD controller is
> compatible with.
> I presume that if Samba4 is reporting it is a 2003 server it is because
> there was some extension of the AD controller protocol by Microsoft in
> 2003R2 that Samba4 does not support.
> JAB.
Here we go again, your logic is flawed, just because you personally know 
of lots of windows 2003 & 2000 servers that have 'uidNumbers' does not 
mean Samba 4 is level 2003.

The 'uidNumber' did not become a fixed part of the windows schema until 
2003R2, before that it had to be added, but 'uidNumber' is a fixture of 
Samba 4 therefore Samba4 cannot be level 2003

Also, if Samba 4 is level 2003, why does it ship with the 2008 & 2008R2 
schemas and no sign of the 2003 schema?


More information about the samba mailing list