On 07/05/2020 15:57, Marcio Merlone via samba wrote:> Hi,
>
> I am trying to add a Windows server 2008 R2 as a DC on my domain
> running Samba 4.12.1 on Debian Buster. It fails complaining about
> incompatible domain level.
>
> root at sambadc:~/bin# samba-tool domain level show
> Domain and forest function level for domain 'DC=example,DC=tld'
>
> Forest function level: (Windows) 2008 R2
> Domain function level: (Windows) 2008 R2
> Lowest function level of a DC: (Windows) 2008 R2
> root at sambadc:~/bin#
>
> Google and this list archive did not help, any hint?
>
Never tried this (yet), but I think it is all down to the schema version
and function level, see here:
https://wiki.samba.org/index.php/AD_Schema_Version_Support
https://wiki.samba.org/index.php/Joining_a_Windows_Server_2012_/_2012_R2_DC_to_a_Samba_AD
And the two bugs mentioned in the last link:
https://bugzilla.samba.org/show_bug.cgi?id=13618
https://bugzilla.samba.org/show_bug.cgi?id=13619
I think that you will need to ensure you have schema version 69 and
forest and domain function levels 2012R2 before you will have any chance
of it working. Be aware that this is all guess work, so you might want
to clone one of your DC's and test joining to that.
Rowland