We have a forest whose schema master is a 2008R2 DC (AD schema version if 47). I'd like to install Identity Management for Unix, but it's unclear to me whether or not this updates the AD schema. The server I plan to run IDMU and its NIS Server on is a 2003 R2 SP2 DC. The somewhat fuzzy impression I got from reading technet, etc was that it still makes some schema updates even if your DC is 2003R2+. Do I need to do this installation on my schema master first? We don't have the need to run this IDMU/NIS Server stuff on any of our other DC's.
-
I know for certain that a schema update had to be done on our 2003 domain. But I am not sure about 2008.
A quick way to test would be to just check your schema to see if any of these classes/attributes are part of your schema. If they are not present then a schema update is in your future.
- posixAccount - http://msdn.microsoft.com/en-us/library/ms683907(VS.85).aspx
- unixUserPassword - http://msdn.microsoft.com/en-us/library/ms680522(VS.85).aspx
- unixHomeDirectory - http://msdn.microsoft.com/en-us/library/ms680522(VS.85).aspx
- loginShell - http://msdn.microsoft.com/en-us/library/ms676844(VS.85).aspx
I have checked on a test VM with a 2008r2 DC. The attributes are present in the schema. So if your schema is up to the 2008r2 level you probably don't need to do anything else.
sysadmin1138 : We're at 2008 and do not have the attributes.From Zoredache
0 comments:
Post a Comment