[Samba] Questions about samba upgrade

Rowland penny rpenny at samba.org
Thu Sep 12 10:38:50 UTC 2019 

On 12/09/2019 10:13, Trenta sis via samba wrote:
> Hi,
>
> I'm making tests to migrate our actual 4.4.5 to a latest versions and
> add a second dc.
>
> I have added a second dc with 4.10.7 and seems to work fine, now I
> have 4.4.5 with fsmo roles and a second dn with 4.10.7, but reading
> wiki https://wiki.samba.org/index.php/Upgrading_a_Samba_AD_DC seems
> that since latest days some changes about steps to upgrade, now seems
> that is recommended to us in-place for 4.4.5
>
> ----
> Update one Samba AD DC that does not hold any flexible single master
> operations (FSMO) role, or else the DC with the least roles.
>
> For upgrading to a new release, most users should simply follow the
> 'in-place upgrade' steps above.
> Advanced users upgrading to a new major release may want to consider
> using the 'DC rejoin' steps below.
>
>
> Joining a DC to domain can be a troublesome process for some users,
> and it can be difficult to recover your DC if something goes wrong.
> Only consider using this approach if you are an advanced Samba user,
> and are running a modern Samba installation (i.e. v4.7 release or
> later, with a minimum 2008R2 base schema). Only use this approach for
> major Samba version upgrades (e.g. v4.10 to v4.11).
> ---
>
> But also appears that is best to use join:
> Rejoining the upgraded DC has some benefits for your AD database over
> in-place upgrades.  --> What are these benefit?
>
> Anybody can give detail about advantages and disadvantages about two methods?
> what is the recommended in my case, 4.4.5, 1 dc and I need to migrate
> to 2 dc, both with 4.10.7
>
>
> Also I like to have an alternatives option/backup in caise of failure,
> can I do a snapshot of 4.4.5 samba server with samba stopped, before
> migrate and join new servers,... and in caise of any error revert to
> this snapshot? All machines and users will work If I have to revert to
> this previious state? I understand that new users/machines added after
> machine will be lost
>
> Thanks!
>
Hi, you seem to have wandered into a discussion that the Samba team 
members have been having about which is the best way to upgrade Samba ;-)

Whilst I understand that re-joining has it benefits, I have never 
updated this way, I just use apt-get and have never had any problems.

 From the problems posted on this list, I think a lot of them have been 
caused by jumping multiple versions at once i.e. trying to go from 4.5.x 
to 4.9.x I think the best way is to 'walk' up the versions, 4.5.x -> 
4.7.x -> 4.8.x -> 4.9.x The only probable way to do this is by the 
re-join method.

The main cause of having to jump multiple versions of Samba is that the 
distro's only seem to change the Samba version when they change the 
distro version and even then, they don't seem to use the latest Samba 
version. I would suggest getting to the latest version of Samba and then 
upgrade on a regular basis. This will probably mean finding and using an 
external repo for Samba e.g. Louis's for Debian/Ubuntu 18.04

Rowland

More information about the samba mailing list