Samba AD schema extensions

Schema extension in Samba 4

Samba 4 supports same kind of schema extensions as Microsoft Active Directory. Generally speaking schema update in AD is a sensitive action and you must be prepared to restore the DC holding the role of schema master if something goes wrong.

This is even more true in Samba 4 not always generate some critical attributes, that are generated on Microsoft AD, this lack of attribute could lead to a unstartable samba provision. That's why currently schema updates in Samba 4 are disabled by default.

In order to allow them, the option dsdb:schema update allowed has to be set to true in the smb.conf or passed on the command line.

cat automount_template.ldif | sed 's/DOMAIN_TOP_DN/DC=s4,DC=samba,DC=home,DC=matws,DC=net/'