AD Schema Version Support: Difference between revisions
From SambaWiki
Mmuehlfeld (talk | contribs) m (Mmuehlfeld moved page Determine the AD Schema Version to AD Schema Version Support) |
Mmuehlfeld (talk | contribs) (Rewrote documentation. Page clean up) |
||
| Line 1: | Line 1: | ||
= |
= AD Schema Versions = |
||
The official Active Directory (AD) schema versions: |
|||
{| class="wikitable" |
|||
82 = Windows Server 2016 Technical Preview |
|||
!Windows Server Version |
|||
!Directory Schema Version |
|||
| ⚫ | |||
|- |
|||
| ⚫ | |||
|Windows Server 2016 Technical Preview |
|||
|82 |
|||
| ⚫ | |||
|- |
|||
| ⚫ | |||
|Windows Server 2012R2 |
|||
| ⚫ | |||
|69 |
|||
|- |
|||
| ⚫ | |||
|56 |
|||
|- |
|||
| ⚫ | |||
|47 |
|||
|- |
|||
|Windows Server 2008 |
|||
|44 |
|||
|- |
|||
| ⚫ | |||
|31 |
|||
|- |
|||
| ⚫ | |||
|30 |
|||
|- |
|||
| ⚫ | |||
|13 |
|||
|} |
|||
Seeing one of those schema version in your directory, only means that your AD forest is currently based on this schema version. It doesn't indicate if manual [[Samba_AD_schema_extensions|schema extension]] have been made. |
|||
Samba currently doesn't support all classes/attributes, MS introduced in schemas later than 47 (Windows Server 2008R2). If you're planning to have a Windows DC (not Member Server!) in your AD forest, this means, they can't be newer than Windows Server 2008R2! A newer server version requires to upgrade the schema, what makes the AD incompatible with Samba DCs! |
|||
= Samba AD Schema Version Support = |
|||
Samba supports the following Active Directory schema versions: |
|||
{| class="wikitable" |
|||
= Samba = |
|||
!Samba Version |
|||
!Highest Supported Schema Version |
|||
|- |
|||
|4.0 - 4.4 |
|||
|47 |
|||
|} |
|||
== samba-tool == |
|||
Run the following command on your Samba DC, to determine the AD schema version: |
|||
= Determine the AD Schema Version on a Samba DC = |
|||
To determine the Active Directory (AD) schema version on a Samba domain controller (DC): |
|||
# ldbsearch -H /usr/local/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion |
# ldbsearch -H /usr/local/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion |
||
| Line 39: | Line 70: | ||
= Determine the AD Schema Version on a Windows Client or Server = |
|||
= Windows = |
|||
== dsquery == |
== dsquery == |
||
To determine the Active Directory (AD) schema version from the Windows command line: |
|||
Run the following command on a Windows command line, to determine the AD schema version: |
|||
> dsquery * "cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com" -scope base -attr objectversion |
> dsquery * "cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com" -scope base -attr objectversion |
||
| Line 53: | Line 84: | ||
== PowerShell == |
== PowerShell == |
||
To determine the Active Directory (AD) schema version from the Windows PowerShell: |
|||
> Get-ADObject (Get-ADRootDSE).schemaNamingContext -properties objectVersion |
> Get-ADObject (Get-ADRootDSE).schemaNamingContext -properties objectVersion |
||
Revision as of 19:10, 1 September 2016
AD Schema Versions
The official Active Directory (AD) schema versions:
| Windows Server Version | Directory Schema Version |
|---|---|
| Windows Server 2016 Technical Preview | 82 |
| Windows Server 2012R2 | 69 |
| Windows Server 2012 | 56 |
| Windows Server 2008R2 | 47 |
| Windows Server 2008 | 44 |
| Windows Server 2003R2 | 31 |
| Windows Server 2003 | 30 |
| Windows 2000 | 13 |
Samba AD Schema Version Support
Samba supports the following Active Directory schema versions:
| Samba Version | Highest Supported Schema Version |
|---|---|
| 4.0 - 4.4 | 47 |
Determine the AD Schema Version on a Samba DC
To determine the Active Directory (AD) schema version on a Samba domain controller (DC):
# ldbsearch -H /usr/local/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion # record 1 dn: CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com objectVersion: 47 # returned 1 records # 1 entries # 0 referrals
Determine the AD Schema Version on a Windows Client or Server
dsquery
To determine the Active Directory (AD) schema version from the Windows command line:
> dsquery * "cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com" -scope base -attr objectversion objectversion 47
PowerShell
To determine the Active Directory (AD) schema version from the Windows PowerShell:
> Get-ADObject (Get-ADRootDSE).schemaNamingContext -properties objectVersion DistinguishedName : CN=Schema,CN=Configuration,DC=contoso,DC=com Name : Schema ObjectClass : dMD ObjectGUID : 92801cf6-f22d-4b7f-ba70-00af98790881 objectversion : 47