[Samba] Notes on Samba at FL 2012 and FL 2016 (was: Re: Fwd: Re: Can't join AD (Fabio Fantoni))

Andrew Bartlett abartlet at samba.org
Thu May 23 20:50:51 UTC 2024 

Samba 4.20 now implements FL 2012 except for Group Managed Service
Accounts. 
With the limitation that some features around PKINIT "Key trust" (see
Windows Hello for Buisness, which would require something like ADFS
anyway), PKINIT key expiry, Samba 4.20 also has a credible
implementation of the FL 2016. 
The last two of these will be in Samba 4.21.
So mostly even for the more recent FLs, it is matter of some features
will be entirely absent, but as long as you know that we do the higher
FLs now.
(But that is also why I have not bumped the default FL). 
Andrew Bartlett
On Thu, 2024-05-23 at 16:25 +0000, Darin via samba wrote:
> Hello Fabio,
> The problem is that Samba does not support the joining of a
> newerWindows server. It has a functional level of 2008_R2 which in
> myexperience is to low for Windows Server 2022 to support as a
> domaincontroller. Furthermore, I would advise against having a mix of
> WindowsServers DC's and Samba DC's as you might encounter issues.
> What is youruse case and is this production critical?
> I was able to join a Windows server 2022 to a Samba domain by bumping
> upthe functional level. Samba has support for higher functional
> levels asof 4.19 but they are very much a work in progress and should
> not be usedin a production environment. I have a guide here:
> https://lemmy.sdf.org/post/16554156 [1]
> Keep in mind that there will be dragons. Samba should only be used at
> a2008_R2 functional level in production.
> Good luck,
> Darin
> > I can't find the mistake causing the problem ... maybe you do.A
> > Windows 2022 Server can't join the AD.
-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/Samba Team Member (since 2001) https://samba.orgSamba Team Lead                https://catalyst.net.nz/services/sambaCatalyst.Net Ltd
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company
Samba Development and Support: https://catalyst.net.nz/services/samba
Catalyst IT - Expert Open Source Solutions

More information about the samba mailing list