[Samba] Is it possible to lower the domain and forest functional level

Christophe Borivant cborivant at devinlec.com
Tue Feb 13 11:45:15 UTC 2018 

I've found a solution. The samba ldap was missing 2 information to allow a windows 2008 R2 to join the domain as a secondary controller.
Those informations were :
CN=ActiveDirectoryUpdate,CN=ForestUpdates,cn=configuration,dc=yourdomain,dc=local with the attribute revision set to 5
and
CN=ActiveDirectoryUpdate,CN=DomainUpdates,CN=System,dc=yourdomain,dc=local with the attribute revision set to 5

But now dcpromo fails replicating CN=Configuration,DC=mydomain,DC=com.
dcpromo.log shows "-1507 JET_errColumnNotFound, No such column"

---------------------------------------------
Christophe Borivant
Responsable d'exploitation informatique
+33 5 62 20 71 71 (Poste 503)

Devinlec - Groupe Leclerc
--------------------------------------------

----- Mail original -----
De: "Christophe BORIVANT" <cborivant at devinlec.com>
À: "Christophe BORIVANT" <cborivant at devinlec.com>
Envoyé: Mardi 13 Février 2018 10:51:50
Objet: Re: [Samba] Is it possible to lower the domain and forest functional level

Sorry I mean adprep instead of dcpromo. 2008 keeps asking for adprep when trying to promote it.

---------------------------------------------
Christophe Borivant
Responsable d'exploitation informatique
+33 5 62 20 71 71 (Poste 503)

Devinlec - Groupe Leclerc
--------------------------------------------

----- Mail original -----
De: "samba" <samba at lists.samba.org>
À: "samba" <samba at lists.samba.org>
Envoyé: Mardi 13 Février 2018 10:38:16
Objet: [Samba] Is it possible to lower the domain and forest functional level

Hello all,

We have a samba 4 domain controller.
The domain controller was at first a secondary domain controller.
We joined it to a domain were the first controller was a windows 2003 server.
Then we have transfer the fsmo roles to the linux controller and demote the 2003 server.
I then ran all the ldf files from the 2008 R2 dcpromo and raised the functional levels.
Now we need to go back to windows domain controller because we need to use sharepoint.
Joining a Windows 2008 R2 controller does not work ( it keeps asking for dcpromo ).
So I would like to try to join a Windows 2003 but I can't because of the functionnal levels.
So is there a way to lower the domain and forest functional level ?

---------------------------------------------
Christophe Borivant
Responsable d'exploitation informatique
+33 5 62 20 71 71 (Poste 503)

Devinlec - Groupe Leclerc
--------------------------------------------

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list