1) Samba as ADC to existing Windows 2012R2 Domain with functional level 2012R2
2) Windows 2012R2 server as ADC to existing Samba Domain with functional level 2012R2
It would be nice to have this before Windows 2008R2 reaches EOL (January 14, 2020)
Another option would be to stop using Windows Server altogether... But I'm wondering how this would impact other Microsoft products that use AD (example: SCCM).
Hello, would it be possible to get an update on the status of this bug please?
The status update is that this is a substantial feature that would need commercial funding via a Samba commercial support provider to progress with any pace.
The first blocking step is the upgrade to Heimdal, which is in turn blocked by the need for better tests, so we don't regress as we change the underlying library for our KDC.
The current testsuite is too intimate with the Heimdal code and so fails horribly when we upgrade, we need to have a testsuite written independently.
This testing is being started, we know how important it is, thanks to some great effort by metze to build the underlying infrastructure (a python based testsuite built on pyasn1 and raw cryptograph). It has thankfully also been pushed on a little further thanks to some commercial funding provided to my team at Catalyst by a client.
But that would only be a start, even after upgrading Heimdal we would need to implement the "claims" feature to our KDC, and do some other small things to honestly claim to be a 2012 DC.
Thankfully Windows 2012 can join a down-level domain, just not at FL 2012, provided the schema is updated, which we can do.
*** Bug 13618 has been marked as a duplicate of this bug. ***