Windows 2012 Server compatibility: Difference between revisions
Line 36: | Line 36: | ||
== Domain controller == |
== Domain controller == |
||
=== Overview === |
|||
When considering the compatibility of domain controllers, there are least three different aspects that must be considered: |
When considering the compatibility of domain controllers, there are least three different aspects that must be considered: |
||
Line 44: | Line 46: | ||
* The domain (or forest) preparation level |
* The domain (or forest) preparation level |
||
On the Windows platform, all three of these are resolved by a tool called adprep.exe. In previous versions, this was run manually by administrators, but in newer versions, this is automatically run by domain controller promotion on Windows. Unfortunately, adprep itself and the newer methods they are invoking it are both incompatible with Samba. |
|||
=== Joining Windows as a domain controller in a Samba domain === |
=== Joining Windows as a domain controller in a Samba domain === |
Revision as of 03:46, 16 July 2019
Introduction
There are a number of different ways that Samba can be considered compatible with Windows and so this page attempts to try to explain some of them (and which ones might be regarded as important). A number of these details will obviously apply more generally to other Windows versions.
SMB protocol features
As Windows 2012 (and 2012 R2) ships with a particular version of SMB, clients which expect to negotiate a certain version may see differences between Windows and Samba. SMB allows for many optional features which are negotiated and servers generally support multiple versions of SMB for interoperability with different clients. This means that servers and clients will speak a wide variety of flavours of SMB, meaning interoperability issues with Samba are generally limited to individual applications and use-cases which have stricter requirements on their SMB connections (encryption and supported ciphers, resilient handles).
RPC server features
This is similar to SMB, many calls or structures have been deprecated over time. In many cases Samba does not implement every call, or has calls which do nothing. There may even be entire RPC pipes which are unimplemented, although their functionality is reproduced in some other way e.g. eventlog6 logging.
Active Directory
Domain member
Joining Windows as a domain member to a Samba domain
The process for this is described in the following page:
https://wiki.samba.org/index.php/Joining_a_Windows_Client_or_Server_to_a_Domain
This is generally expected to work without any special effort (compared to a Windows domain), with the supported versions listed here:
Joining Samba as a domain member to a Windows domain
The instructions for joining any Active Directory domain remain the same between a Windows AD and a Samba AD.
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
Domain controller
Overview
When considering the compatibility of domain controllers, there are least three different aspects that must be considered:
- The functional level
- The schema level
- The domain (or forest) preparation level
On the Windows platform, all three of these are resolved by a tool called adprep.exe. In previous versions, this was run manually by administrators, but in newer versions, this is automatically run by domain controller promotion on Windows. Unfortunately, adprep itself and the newer methods they are invoking it are both incompatible with Samba.