[Samba] Cannot raise the domain functional level to 2012_R2
Andrew Bartlett
abartlet at samba.org
Mon Nov 8 17:47:03 UTC 2021
On Mon, 2021-11-08 at 10:42 +0100, shacky via samba wrote:
>
> root at server-z1:~# samba-tool domain level raise --domain-
> level=2012_R2
>
> ldb_wrap open of secrets.ldb
>
> ERROR: Domain function level can't be higher than the lowest function
> level
>
> of a DC!
>
> ========================================================
>
>
>
> The same trying to do it using Active Directory Domains and Trusts.
>
>
>
> Could you help me to understand where I'm wrong, please?
>
>
>
> Thank you very much!
>
> Bye
I'm sorry, Samba still misses a number of features to be able to
legitimately claim functional level 2012 so while the options are
parsed, it will (correctly) be denied.
We continue to work on this. A task to implement 'FAST', an
improvement to Kerberos, by upgrading the embedded Heimdal has been
started will help, but is not the whole solution.
Sorry!
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
More information about the samba
mailing list