[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).

Rowland Penny rpenny at samba.org
Thu Aug 19 16:38:22 UTC 2021 

On Thu, 2021-08-19 at 12:14 -0300, Juan Ignacio wrote:
> Hello friends, I have not asked anything around here for a long time.
> But the time has come ... I must update the samba 4.1 server that I
> have in production for 8 years.

Samba is such fast moving, that I wouldn't recommend leaving it so long
between updates 
> 
> Sorry Rowland for send the email to you i dont know if the samba list
> is getting my emails.

Seemingly it is.

> 
>  Unfortunately I can't turn off the server or shut it down for a
> while because I have several things that depend on it so I built a VM
> with the latest version of Debian that is already ready to compile
> and install the latest version of Samba.

I think you may have to find time.

> 
> I started by reading the following info. 
> https://wiki.samba.org/index.php/Updating_Samba#The_Update_Process
>  
> https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC#So_which_backup_should_I_use.3F
> 
> But I realized that the backups of my server are made with the
> information from the following script. 
> https://wiki.samba.org/index.php/Using_the_samba_backup_script

That is the old bash script and I wouldn't depend on it, there was
never a restore script for one thing.

> 
> When I started to move the backups to the new server in the VM I read
> the following and did not know how to continue. "Very important
> notes: Never do a restore and a version change at the same time!
> Always restore on a system using the same Samba version as the one
> you created the backup on! Always Restore on a system with the same
> IP and Hostname. Otherwise you will run into Kerberos and DNS issues.
> Recommended: Restore on the same OS as you created the backup on. The
> most important thing in a restore situation is to bring your system
> back to a running state. Once everything is up and tested, you can
> then do any required changes.”
> 
> “Never try to make changes together with a restore! “
> 
> Then I realized that I couldn't do what I was doing.
> 
> I would like to know what is the best way to do what I want without
> messing it up too much or without affecting my current configuration.
> 
> Some important information. 
> Old Server: Machine Server. 
> OS: Debian 3.2.63-2 + deb7u1 

That doesn't look right, 3.6.23 looks like a version of Samba, but
deb7u1 means 'Wheezy' to me.

> Samba V: Version 4.1.0 
> Samba Provision: Samba AD DC. 
> State: Production 
> Backups: samba-backup script. 
> Members DC: 3 
> Using Samba Ldap for Web Apps authentications. 
> Using Wbind
> Users: Around 1000 
> 
> 
> New Server: VM Server. 
> OS: Debian 10.10
> 
> Samba V: Version 4.16 Latest Version Samba

Do you mean 4.14.6 , 4.16 isn't even a twinkle in the Samba developers
eyes yet :-D

> 
> Provision needed: Samba AD DC. 
> State: Inactive, Testing Phase, RDY Backups. 
> Backups: VM backups if required. 
> Member DC: 3 
> Using Samba Ldap for Web Apps authentications. 
> Using Wbind 
> 
> Users: Around 1000 
> 
> Any help on how to start the process I appreciate. 

To be honest, I would add a new DC based on Debian wheezy, Once this is
running correctly, distro upgrade to stretch, then distro upgrade to
buster (provided you can get the iso's and it works). If you get this
far and everything is working correctly, transfer the FSMO roles to the
new DC. Then repeat for the other DC's.

You can then use Louis's repo: https://apt.van-belle.nl/

This will get you to the latest Samba version.

Once you have upgraded, I suggest you do it more often, the difference
between 4.1.x and 4.14.x is huge.

Rowland

More information about the samba mailing list