[Samba] upgrading DC 4.5.x to 4.7.x

[mj]

Hi,

On 12/02/2017 09:46 PM, Kacper Wirski via samba wrote:
> Do I understand correctly, You created new machine (or 
> removed/reinstalled samba completely), used IP/hostname of the previous 
> DC and just re-added as DC?
Yep, but some samba-tool database cleaning was required on the temp DC:
   dbcheck --crossncs --fix
  --remove-other-dead-server=dcX
  samba-tool domain tombstones expunge --tombstone-lifetime=1
and some more
   dbcheck --crossncs --fix
until everything is healthy.

> Also, did You have any issues after removing temporary DC? Some time ago 
> i had to remove one DC and I had some erros in --dbcheck --crossncs 
> later on?
No, removing the DC went fine.

> I might consider trying upgrade in separated environment, since my DC's 
> are also VM's, so no problem for me to clone and separate them.
Yep, just try it and let us know how it works out for you. I also liked 
the idea to having new lean freshly installed stretch DCs, instead of 
older upgraded wheezy installs. We also moved from internal dns to 
BIND9_DLZ in the process, btw.

> Some of You said about replication issues after straight upgrade. When 
> they occured, i.e. was it obvious error after drs -showrepl command, or 
> something that "sneaked up" upon You later on?
We experienced no 'hidden' replication issues, only the obvious ones 
(showrepl) where some DCs would not replicate with others, because of a 
variety or errors.

We also used samba-tool ldapcmp ldap://dcX ldap://dcX to make sure all 
data was in fact in sync on various DCs.

And since you're also on VMs, just give it a try and see where it gets 
you? Perhaps you can upgrade straight to 4.7, and you don't need the 
route we took? Easy enough to try out.

We had some misbehaviours in our AD to start with, and therefore did all 
the extra stuff. (with the temp DC etc)

MJ