[Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

Rowland Penny rowlandpenny at googlemail.com
Tue Oct 1 06:29:32 MDT 2013

On 01/10/13 12:57, Jonathan Buzzard wrote:
> On Tue, 2013-10-01 at 12:44 +0100, Rowland Penny wrote:
> [SNIP]
>> Here we go again, your logic is flawed, just because you personally know
>> of lots of windows 2003 & 2000 servers that have 'uidNumbers' does not
>> mean Samba 4 is level 2003.
> No my logic is not flawed. You can *NEVER* determine the AD server level
> by looking at the schema.
The logic as you wrote it, was flawed, you basically said that even if 
the server had 'uidnumber' it wouldn't be 2003R2, at no point in your 
initial post did you mention rpc calls.

I am trying to find out just what level samba 4 is, I think that it is 
not really 2003. It is not really helpful if you jump in with 'wrong' 
and then do not explain correctly. So, as you seem to know a bit about 
this, how do you find out what level a windows server is?

>> The 'uidNumber' did not become a fixed part of the windows schema until
>> 2003R2, before that it had to be added, but 'uidNumber' is a fixture of
>> Samba 4 therefore Samba4 cannot be level 2003
> By that logic a Windows 2000 server with a uidNumber must really be
> 2003R2 server. Clearly that is not the case.
>> Also, if Samba 4 is level 2003, why does it ship with the 2008 & 2008R2
>> schemas and no sign of the 2003 schema?
> Because it depends on the version of the wire level protocol that Samba4
> supports and has nothing to do with the schema. That is, there is a set
> of MS-RPC calls that you need to support to be at level 2003R2 and
> presumably Samba4 does not support them all so it reports itself as a
> 2003 server.
> You could probably import a 2008 schema into a 2003 server, but it would
> not make it a 2008 server. Lets face it you can have an AD domain with a
> mixture of 2003 and 2003R2 servers in it, and clearly the 2003 servers
> are not 2003R2.
> JAB.

More information about the samba mailing list