[Samba] Must Samba4 AD be provisionned with rfc2307 to use winbind ?

Stuart Naylor stuartiannaylor at thursbygarden.org
Wed Jul 16 17:26:03 MDT 2014


I have been reading through an old thread and to be honest confused.com


root at zent1:~# samba-tool domain level show
params.c:pm_process() - Processing configuration file "/etc/samba/shares.conf"
ldb_wrap open of secrets.ldb
Domain and forest function level for domain 'DC=office,DC=zentyal,DC=lan'

Forest function level: (Windows) 2003
Domain function level: (Windows) 2003
Lowest function level of a DC: (Windows) 2008 R2

That for a start has me totally stumped as where is the 2008 R2 coming from?

Does this mean that I can only use this DC with a minimum of 2008 R2 servers?

If you include rfc2307 in Samba4 then the schema provided is from 2008 R2.

That is definitely twisting my melon.

Just to demonstrate my confusion

root at zent1:~# samba-tool domain level raise --domain-level=2003_R2
Usage: samba-tool domain level (show|raise <options>) [options]

samba-tool domain level: error: option --domain-level: invalid choice: '2003_R2' (choose from '2003', '2008', '2008_R2')

Maybe I am being dumb:-

A 2003 server is a 2003 server; rfc2307 is the schema in SFU (Services for Linux) http://www.microsoft.com/en-gb/download/details.aspx?id=274
A 2003R2 server is not a 2003 server as it has a modified SFU already installed.
Same goes for a 2008 and 2008R2.

When you include the directive --use-rfc2307 on provision the schema used should match the one of the lowest function level.
Just banging on the 2008R2 schema means that the documentation should say if you want to use --use-rfc2307 then the server will be 2008R2.

Also with the domain provision and domain level raise tools what does 2003 mean?
Is that 2003 or 2003R2 and why is one missing?

Its probably me being cataclysmically dumb as it does happen often but could someone explain this slowly to me?

Please as I am struggling a bit to get my head round this as Samba4 might as well be 2008R2 only in the documentation?

 
 
-----Original message-----
> From:samba-request at lists.samba.org <samba-request at lists.samba.org>
> Sent: Wednesday 16th July 2014 19:00
> To: samba at lists.samba.org
> Subject: samba Digest, Vol 139, Issue 20
> 
> Send samba mailing list submissions to
> 	samba at lists.samba.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.samba.org/mailman/listinfo/samba
> or, via email, send a message with subject or body 'help' to
> 	samba-request at lists.samba.org
> 
> You can reach the person managing the list at
> 	samba-owner at lists.samba.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of samba digest..."
> Today's Topics:
> 
>    1. Re: samba4 replication issues | sam.ldb inconsistency
>       (Marc Muehlfeld)
>    2. Re: samba4 replication issues | sam.ldb inconsistency
>       (heupink, mourik jan c)
>    3. Re: samba4 replication issues | sam.ldb inconsistency
>       (Marc Muehlfeld)
>    4. Replication and DNS issue (Donaldson Jeff)
>    5. Win7 pro trust relationship failed (Dave Beach)
>    6. Changing ownership of files on Windows (net rpc rights?)
>       (John Hixson)
>    7. smbd's using up 100% of all cpu's and load avg slowly going
>       up (Sabuj Pattanayek)
>    8. Re: smbd's using up 100% of all cpu's and load avg slowly
>       going	up (Ray Van Dolson)
>    9. samba4 replication issue : outbound neighbour (zhia chandra)
>   10. Re: samba4 replication issues | sam.ldb inconsistency
>       (mourik jan heupink - merit)
>   11. Re: samba4 replication issues | sam.ldb inconsistency
>       (mourik jan heupink - merit)
>   12. Re: samba4 replication issues | sam.ldb inconsistency
>       (mourik jan heupink - merit)
>   13. Re: samba4 replication issues | sam.ldb inconsistency
>       (Marc Muehlfeld)
>   14. Samba4 as DC, idmapping with different backend? (George)
>   15. FW: Samba4 and A-record file shares (Josh Bishir)
>   16. DFS queries via rpcclient to Windows 2012 Server fails
>       (Sangster, Mark)
>   17. W7 and Roaming Profiles on two different PDC
>       (Rechtsanwalt A. Winzer)
>   18. Linux Client authentication (Mike Hamam)
>   19. Fwd: samba4 joining issue to windows 2012 domain (????? ???????)
>   20. DFS queries via rpcclient to Windows 2012 Server fails
>       (Sangster, Mark)
>   21. Samba4 and Linux Client (Mike Hamam)
>   22. Re: chown destroys ACLs (Harry Jede)
>   23. Re: FW: Samba4 and A-record file shares (Daniel M?ller)
>   24. net ads join fails in Ubuntu 14.04 in AWS (Alex Slynko)
>   25. Re: Linux Client authentication (Rowland Penny)
>   26. Re: Replication and DNS issue (steve)
>   27. Re: Changing ownership of files on Windows (net rpc rights?)
>       (steve)
>   28. Re: Samba4 as DC, idmapping with different backend? (steve)
>   29. Re: Linux Client authentication (steve)
>   30. Re: Samba4 and Linux Client (steve)
>   31. Re: Possible winbind bugs. (steve)
>   32. Re: Win7 pro trust relationship failed (Dave Beach)
>   33. Re: smbd's using up 100% of all cpu's and load avg slowly
>       going up (Sabuj Pattanayek)
>   34. Re: net ads join fails in Ubuntu 14.04 in AWS (Stefan Kania)
>   35. Re: smbd's using up 100% of all cpu's and load avg slowly
>       going up (Sabuj Pattanayek)
>   36. Re: smbd's using up 100% of all cpu's and load avg slowly
>       going up (Sabuj Pattanayek)
>   37. preauthentication failure (Vaughn Clinton)
>   38. Re: smbd's using up 100% of all cpu's and load avg slowly
>       going up (Ray Van Dolson)
>   39. how to reset home directory ACLs? (Lorenzo Faleschini)
>   40. Re: smbd's using up 100% of all cpu's and load avg slowly
>       going up (Sabuj Pattanayek)
> _______________________________________________
> samba mailing list
> samba at lists.samba.org
> https://lists.samba.org/mailman/listinfo/samba
> 


More information about the samba mailing list