[Samba] Various Samba AD questions

Rowland penny rpenny at samba.org
Tue Feb 9 20:02:38 UTC 2021 

On 09/02/2021 19:26, Anders Östling wrote:
>
> Thanks, I will study those scripts and config files. Do you have any 
> adivice for running a redundant DHCP server? Maybe it’s enough to have 
> the second server dormant and start it if needed, and just ensure that 
> the config is replicated. What about the leases? I can’t see any 
> obvious reason to sync them, can you?


Failover (lower part of the page)


>     Yes and you cannot remove the netbios name.
>
>
> As I thought then. What is the reason for displaying it differently on 
> a DC vs a regular domain member?


I have no idea, seems it was thought to be a good idea when the DC code 
was first written, you also cannot get rfc2307 unixhomedirectory and 
loginshell attributes on a DC, but you can on a Unix domain member.


>     The only really recent documentation is what is written in the Samba
>
>     wiki (and if anyone notices an error or omission, please report it).
>
>     Your best option, as you seem to have found out, is to ask
>     questions here.
>
>
>
> ..and the wiki is very useful indeed! The only thing I have had some 
> issues with (and I understand the rationale behind) is that most file 
> paths and other details assumes  “build your  Samba from source”. 
> Again, having distro-specific info would be certainly too much work to 
> maintain.


You hit the nail on the head there.


>
>
> FINAL question for today; if I upgrade Samba AD DC from 4.9.5 with 
> Louis repo to 4.12 (for example), can I do that in one step or is it 
> advisable to upgrade incrementally? Also, will that mean that Samba 
> FS/domain members also need to be upgraded to the same version?


The latest Samba is always the best and I can see no reason why you 
cannot upgrade your Unix domain members in one jump. Your DC's might be 
a bit different, there are two schools of thought here, Just upgrade in 
place (but this has risks, it could destroy your domain, thought it 
unlikely) or set up another DC with the latest Samba and join this to 
the domain, the demote the old DC, this will be safer, but requires more 
resources.

>
> Thanks Rowland (and community) for excellent support and 
> communication! Something to be proud of!
>

Rowland

More information about the samba mailing list