AD Schema Version Support

From SambaWiki
Revision as of 18:04, 17 January 2016 by Mmuehlfeld (talk | contribs) (Add 2016 TP to schema version list)

Official AD schema versions

These are the official AD schema versions:

82 = Windows Server 2016 Technical Preview
69 = Windows Server 2012R2
56 = Windows Server 2012
47 = Windows Server 2008R2
44 = Windows Server 2008
31 = Windows Server 2003R2
30 = Windows Server 2003
13 = Windows 2000

Seeing one of those schema version in your directory, only means that your AD forest is currently based on this schema version. It doesn't indicate if manual schema extension have been made.

Samba currently doesn't support all classes/attributes, MS introduced in schemas later than 47 (Windows Server 2008R2). If you're planning to have a Windows DC (not Member Server!) in your AD forest, this means, they can't be newer than Windows Server 2008R2! A newer server version requires to upgrade the schema, what makes the AD incompatible with Samba DCs!



Run the following command on your Samba DC, to determine the AD schema version:

# ldbsearch -H /usr/local/samba/private/sam.ldb -b 'cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com' -s base objectVersion
# record 1
dn: CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
objectVersion: 47

# returned 1 records
# 1 entries
# 0 referrals



Run the following command on a Windows command line, to determine the AD schema version:

> dsquery * "cn=Schema,cn=Configuration,dc=samdom,dc=example,dc=com" -scope base -attr objectversion


Run the following command on inside the Windows PowerShell, to determine the AD schema version:

> Get-ADObject (Get-ADRootDSE).schemaNamingContext -properties objectVersion
DistinguishedName : CN=Schema,CN=Configuration,DC=contoso,DC=com
Name              : Schema
ObjectClass       : dMD
ObjectGUID        : 92801cf6-f22d-4b7f-ba70-00af98790881
objectversion     : 47