[Samba] Upgrade old infrastructure running 4.3 (and 4.13)

L.P.H. van Belle belle at bazuin.nl
Wed Sep 1 12:50:50 UTC 2021 

Hai, 

What you can try is, 
Login on 4.13 server and Seize the roles

samba-tool fsmo seize -h
Usage: samba-tool fsmo seize [options]

Options:
  -h, --help            show this help message and exit
  -H URL, --URL=URL     LDB URL for database or target server
  --force               Force seizing of role without attempting to transfer.
  --role=ROLE           The FSMO role to seize or transfer.
                        rid=RidAllocationMasterRole  schema=SchemaMasterRole
                        pdc=PdcEmulationMasterRole
                        naming=DomainNamingMasterRole
                        infrastructure=InfrastructureMasterRole
                        domaindns=DomainDnsZonesMasterRole
                        forestdns=ForestDnsZonesMasterRole  all=all of the
                        above  You must provide an Admin user and password.

But beware, there is one big pitfall you MUST take account off. 
Some older samba version gave wrong timestamps in the DNS entries. 
Check this first. 

Because if you enable scaveging, you might loose important DNS entries. 
Which is why i cant use scaveging, untill i've manually fixed all records.

See : https://bugzilla.samba.org/show_bug.cgi?id=12451 

Its pretty easy to see if you have this problem. 
Lookup all you server DNS entries, do they show a timestamps or "static" 
Or, like i use lots of CNAME entries.. You can see it on these also.
My latest CNAME entries are showing static now, but the old once are with timestaps. 

So, small warning here on that point. 
Simple to avoid, just dont enable scaveging.. 

The source of this problem is fixed, just, not the old record in the DNS, 
i use bind9_dlz with it, i dont know if its also in samba internal DNS. 
But i thought it was seen there also.

> I'm going to: 
> * upgrade the OS, which will take Samba to 4.7
I assum your now on bionic. 

These repo's can be used to upgrade more up. 
bionic-samba49
bionic-samba410 ( after this one, stop ) 

Here you have 2 choices again. 
1) upgrade the OS to Ubuntu Focal Fossa and use its samba 4.11.6
2) upgrade to bionic-samba411 ( this was the last bionic version on my repo.  4.11.12  ) 

I upgraded myself to  Ubuntu Focal Fossa then installed focal-samba412 and upgraded untill where we are now. 

Once your on Fossa, you can upgrade again. My Repo has for fossa: 

focal-samba412
focal-samba413
focal-samba414

> * run db check
I recommend it after every upgrade. 

> * install 4.14
> * run db check

I hope this helps you out. 

Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Lorenzo Milesi via samba
> Verzonden: woensdag 1 september 2021 13:19
> Aan: samba
> Onderwerp: [Samba] Upgrade old infrastructure running 4.3 (and 4.13)
> 
> Hi. 
> I've a hybrid installation with a master DC running Ubuntu 
> 16.04's "stock" 4.3 Samba, and a second DC running 4.13. 
> Currently FSMO roles are on the 4.3 as it was the first 
> server, and I cannot transfer them to the 4.13 as there are 
> schema differences [1].
> We're finally going to upgrade unmantained Ubuntu and Samba.
> From what I could understand by reading the upgrade guides 
> I'm going to: 
> * upgrade the OS, which will take Samba to 4.7
> * run db check
> * install 4.14
> * run db check
> 
> Is this correct or should I take other steps?
> 
> Thanks
> 
> 
> [1] ERROR: Failed to add role 'domaindns': LDAP error 16 
> LDAP_NO_SUCH_ATTRIBUTE -  <attribute 'fSMORoleOwner': no 
> matching attribute value while deleting attribute on 
> 'CN=Infrastructure,DC=DomainDnsZones,DC=contoso,DC=lan'> <>
> -- 
> Lorenzo Milesi - lorenzo.milesi at yetopen.com 
> CTO @ YetOpen Srl
> 
> YetOpen - https://www.yetopen.com/
> 
> Via Salerno 18 - 23900 Lecco - ITALY -      | 4801 Glenwood 
> Avenue - Suite 200 - Raleigh, NC 27612 - USA -
> Tel +39 0341 220 205 - info.it at yetopen.com  | Phone +1 
> 919-817-8106 - info.us at yetopen.com
> 
> Think green - Non stampare questa e-mail se non necessario / 
> Don't print this email unless necessary
> 
> -------- D.Lgs. 196/2003 e GDPR 679/2016 --------
> Tutte le informazioni contenute in questo messaggio sono 
> riservate ed a uso esclusivo del destinatario.
> Tutte le informazioni ivi contenute, compresi eventuali 
> allegati, sono da ritenere confidenziali e riservate secondo i termini
> del vigente D.Lgs. 196/2003 in materia di privacy e del 
> Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita 
> l'utilizzazione ulteriore non autorizzata.
> Nel caso in cui questo messaggio Le fosse pervenuto per 
> errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, 
> a non inoltrarlo a terzi e ad avvertirci non appena possibile.
> Grazie.
> 
> Confidentiality notice: this email message including any 
> attachment is for the sole use of the intended recipient and 
> may contain confidential and privileged information;
> pursuant to Legislative Decree 196/2003 and the European 
> General Data Protection Regulation 679/2016 - GDPR - any 
> unauthorized review, use, disclosure or distribution
> is prohibited. If you are not the intended recepient please 
> delete this message without copying, printing or forwarding 
> it to others, and alert us as soon as possible.
> Thank you.
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list