[Samba] Must Samba4 AD be provisioned with rfc2307 to use winbind?

steve steve at steve-ss.com
Fri Jul 18 04:13:17 MDT 2014

On Fri, 2014-07-18 at 01:38 +0100, Stuart Naylor wrote:
> Oh I think I must have misread what you and Steve were discussing.
> What is confusing me is the output of samba-tool domain level show
> Forest function level: (Windows) 2003
> Domain function level: (Windows) 2003
> Lowest function level of a DC: (Windows) 2008 R2
> I thought it might have been because rfc2307 schema included was of 2008r2 ilk.
> Why does it always say the lowest function level is (Windows) 2008 R2?
> I just tried samba-tool domain provision --domain=SAMBA4  --adminpass=Mysamba4 --dns-backend=SAMBA_INTERNAL --server-role=dc --function-level=2003 --use-xattr=yes --realm=SAMBA4.LAN
> The output is the same as above.
> Always Lowest function level of a DC: (Windows) 2008 R2
> Stuart

Hi Stuart
The answer to your thread question is, 'no'.
This is because the schema which is supplied for use with samba4 is the
same schema that the Samba team battled with Microsoft to release a
few years back. It was the 2008R2 schema which has full support for
rfc2307. The domain levels have always puzzled me too, but we've always
been satisfied with. The rfc2307 provision simply adds the schema
extension for sfu which was mysteriously missing. All this does is to
activate the unix tab on ADUC. On Linux with samba-tool and ldbmodify,
you don't need it. But as it seems to do no harm, you may as well have
it anyway. I don't know how it slipped through in the first place
although I guess that m$ may have had something to do with it. 
