Difference between revisions of "AD Schema Version Support"

(New documentation about how to determine the AD schema version)
 
(Add 2016 TP to schema version list)
Line 3: Line 3:
 
These are the official AD schema versions:
 
These are the official AD schema versions:
  
 +
82 = Windows Server 2016 Technical Preview
 
  69 = Windows Server 2012R2
 
  69 = Windows Server 2012R2
 
  56 = Windows Server 2012
 
  56 = Windows Server 2012

Revision as of 18:04, 17 January 2016

Official AD schema versions

These are the official AD schema versions:

82 = Windows Server 2016 Technical Preview
69 = Windows Server 2012R2
56 = Windows Server 2012
47 = Windows Server 2008R2
44 = Windows Server 2008
31 = Windows Server 2003R2
30 = Windows Server 2003
13 = Windows 2000

Seeing one of those schema version in your directory, only means that your AD forest is currently based on this schema version. It doesn't indicate if manual schema extension have been made.

Samba currently doesn't support all classes/attributes, MS introduced in schemas later than 47 (Windows Server 2008R2). If you're planning to have a Windows DC (not Member Server!) in your AD forest, this means, they can't be newer than Windows Server 2008R2! A newer server version requires to upgrade the schema, what makes the AD incompatible with Samba DCs!



Samba

samba-tool

Run the following command on your Samba DC, to determine the AD schema version:

# ldbsearch -H /usr/local/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion
# record 1
dn: CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
objectVersion: 47

# returned 1 records
# 1 entries
# 0 referrals



Windows

dsquery

Run the following command on a Windows command line, to determine the AD schema version:

> dsquery * "cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com" -scope base -attr objectversion
objectversion
47


PowerShell

Run the following command on inside the Windows PowerShell, to determine the AD schema version:

> Get-ADObject (Get-ADRootDSE).schemaNamingContext -properties objectVersion
DistinguishedName : CN=Schema,CN=Configuration,DC=contoso,DC=com
Name              : Schema
ObjectClass       : dMD
ObjectGUID        : 92801cf6-f22d-4b7f-ba70-00af98790881
objectversion     : 47