Hi I wonder if anyone can help. I am trying to upgrade the schema version. Current environment: Two domain controllers both running samba 4.7.6 - Ubuntu package Version: objectVersion: 44 (server 2008) According to samba docs, 'samba-tool domain schemaupgrade' only works from 2008 R2 version 47. For earlier it says: 'the ldf files must be manually sourced from the Windows adprep tool and run with the --ldf-file= option' Any recommendations / suggestions on how to do that? Right now there's no windows DC on the network. Thank you
> Em 9 de set de 2019, ?(s) 11:39, Max Serafini via samba <samba at lists.samba.org> escreveu: > > Hi > > I wonder if anyone can help. > > I am trying to upgrade the schema version. Current environment: > > Two domain controllers both running samba 4.7.6 - Ubuntu package > > Version: objectVersion: 44 (server 2008) > > According to samba docs, 'samba-tool domain schemaupgrade' only works from > 2008 R2 version 47. For earlier it says: 'the ldf files must be manually > sourced from the Windows adprep tool and run with the --ldf-file= option' > > Any recommendations / suggestions on how to do that? Right now there's no > windows DC on the network.Hi Max! Not a schema expert by any definition and not sure what you?re trying to add/modify, but I do it using .ldif files with ldb-tools ('apt install ldb-tools' if you don?t have it): ldbadd -H /var/lib/samba/private/sam.ldb [filename].ldif --option="dsdb:schema update allowed"=true ldbmodify -H /var/lib/samba/private/sam.ldb mod [filename].ldif --option="dsdb:schema update allowed?=true I strongly recommend you test this on a same spec fresh/test DC before applying on production and mandatory ?you should upgrade your samba? since 4.7 is EOL. :) Hope it helps. Andr??.
Not sure if this reply got anywhere.
Hi Andre
Thanks for your suggestion.
I thought the only way to upgrade was to use adpred form a Windows box.
I'll definitely give it a go.
It would be nice to upgrade but that's the version that ships with 18.04
lts. The convenience of using a package manager.
-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of Andre
Kirchhoff via samba
Sent: Tuesday, September 10, 2019 10:35 AM
To: samba at lists.samba.org
Subject: Re: [Samba] AD Schema Upgrade
Hi Max!
Not a schema expert by any definition and not sure what you?re trying to
add/modify, but I do it using .ldif files with ldb-tools ('apt install
ldb-tools' if you don?t have it):
ldbadd -H /var/lib/samba/private/sam.ldb
[filename].ldif --option="dsdb:schema update allowed"=true ldbmodify
-H
/var/lib/samba/private/sam.ldb mod [filename].ldif --option="dsdb:schema
update allowed?=true
I strongly recommend you test this on a same spec fresh/test DC before
applying on production and mandatory ?you should upgrade your samba? since
4.7 is EOL. :)
Hope it helps.
Andr??.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Possibly Parallel Threads
- Was not found in the schema 'msDS-SupportedEncryptionTypes'
- Was not found in the schema 'msDS-SupportedEncryptionTypes'
- Was not found in the schema 'msDS-SupportedEncryptionTypes'
- Was not found in the schema 'msDS-SupportedEncryptionTypes'
- AD Schema Upgrade