[Samba] ERROR: Could not retrieve the actual domain, forest level and/or lowest DC function level!
Thomas Harold
thomas-lists at nybeta.com
Wed Jan 15 09:15:58 MST 2014
On 1/9/2014 10:06 AM, Thomas Harold wrote:
> Doing some basic sanity checks on our Samba4 setup (migrating off of a
> Win2000/Win2003 AD) and the following command is throwing an error. Not
> sure how to troubleshoot this as most other things seem to be working.
>
> # samba-tool domain level show
>
> ERROR: Could not retrieve the actual domain, forest level and/or lowest
> DC function level!
>
In digging around some more:
- This was originally a Windows 2000 Active Directory Domain.
- Looking at the domain properties in AD Users & Groups shows that it is
a 2000 domain on a 2000 forest (functional level).
- Later a Win2003 server was added (not Win2003 R2, but the first
version of 2003) and all roles were seized. The functional level was
never upgraded to 2003.
- Running "addiag.exe" on the 2003 server shows no issues while running
the default tests.
- Samba4 has had no trouble joining the domain as either domain
controllers or as member servers.
- Attempting to do "adprep.exe /forestprep" says that the forest has
already been updated to 2003. The same applies to running "adprep.exe
/domainprep".
So what I have is a bit of a mess where the ADPrep tool thinks the work
has already been done, but the Win2003 AD server thinks that it is still
running at the 2000 functional level.
More information about the samba
mailing list