[Samba] Domain function levels and extending ad scheme
Marc Muehlfeld
mmuehlfeld at samba.org
Tue Feb 3 10:32:45 MST 2015
Hello Tim,
Am 03.02.2015 um 16:25 schrieb Tim:
> for now I am using Win2003 functional level of my domain.
>
> I just wanted to ask if I raise the level to 2008_R2 will the scheme be extended
> like this article says?
> https://technet.microsoft.com/en-us/library/dd446680%28v=ws.10%29.aspx
Samba is shipped with schema version 47 (Server 2008 R2):
# ldbsearch -H /usr/local/samba/private/sam.ldb -b
CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com -s base objectVersion
# record 1
dn: CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
objectVersion: 47
# returned 1 records
# 1 entries
# 0 referrals
Even if you are at a lower forest level, the schema can already be
newer. In a Windows AD, you can also do an 'adprep' on Windows and lift
your schema to a newer version, but don't raise the forest level.
Just one more note: Samba currently only support schema version 47.
Newer AD schemas are not supported (yet) and if tried to install anyway,
it will break your AD.
Regards,
Marc
More information about the samba
mailing list