[Samba] Upgrade

L.P.H. van Belle belle at bazuin.nl
Tue Sep 28 10:16:40 UTC 2021


 

> -----Original message-----
> From: samba [mailto:samba-bounces at lists.samba.org] On behalf of
> Gregory Sloop via samba
> Sent: Tuesday, 28 September 2021 0:22
> To: samba at lists.samba.org
> Subject: [Samba] Upgrade
> 
> 
> Ok, to start - I PROMISE not to even *THINK* of sssd. 
> (Oh, dang...I already did. Oops.)
> <I kid, I kid...>
>  
> Ok, more seriously. 
> Louis, Rowland, et al.
>  
> I've got a couple of AD controllers which have hummed along 
> just fine, not doing a lot of anything the last year or two.
> We're probably going to use them more, going forward, and I 
> should probably move off of Ubuntu 18LTS to 20.
>  
> Upgrading the AD itself (apt-get disto-upgrade or whatever it 
> is) to 20 seems to have caused quite a few people issues, so 
> I think the consensus was that simply building a new AD 
> controller/member and adding it was the "safest" & "best" 
> route. And, since these are all VM machines anyway, that 
> route works fine for me.

Quite possible, and it is always good to do a clean install every now and then,
but upgrading should not be a problem; my servers are now buster and bullseye,
and I have upgraded them since wheezy.

>  
> However, the only messy thing is that these AD's were named, 
> AD1 and AD2. Now if I build another pair, we'll have AD3 and AD4.
> In another few years, we'll be AD37 and AD38 or something. :) 
> Ok, I exaggerate a bit.

That is fine, Gregory, let's look at this.
AD1.some.domain.tld, now, this is the "real" computer name. But your
AD-DC also runs DNS, NTP, maybe DHCP.
So CNAME NTP1 => AD1
         DNS1 => AD1
Etc. etc.
Set up everything with hostnames so that you use these aliases.
CNAMEs are key, plus A and PTR records for these servers.

>  
> But is there a nice way to keep the naming more simple? Or do 
> I just learn to name them by year or something - so these 
> will be AD2021-1 and AD2021-2? (That's so ugly.)
> Suggestions?

Have a read here. And yes, I really, really advise everyone to read this one.
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/naming-conventions-for-computer-domain-site-ou


The best tip I can give is to use aliases where you can; everything I publish to the PCs is an ALIAS (CNAME).
By doing that, I can very simply move my data from server to server (while everyone is working).
And when I'm done moving stuff, I just change the alias and point it to the new server when people aren't working.

My hostnames are based on a few simple things. For example:
AD-DCs   Location-hostnameNR        NY-AD1.ADDOM.DOMAIN.TLD
Members  Location-MEM-FUNCTION-NR   NY-MEM-PROXY1.ADDOM.DOMAIN.TLD, also alias for GW1 (gateway1)

A bit like that. 
The only thing you have to look out for is to make sure the correct UPNs/SPNs are set where needed.
Most stuff WILL work correctly with only the default keytab file after a domain join.

I hope it helped you a bit. 


Greetz, 

Louis
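
Added example, not part of the original message and not Samba's own code: a small audit of a zone export against the layout described above (real host names following the Location-AD<nr> / Location-MEM-FUNCTION<nr> scheme, each with A and PTR records, and service aliases as CNAMEs pointing at them). The record tuples, IP addresses and the exact regular expression are constructed assumptions; only the host and alias names come from the message.

```python
import ipaddress
import re

# Constructed sample zone data as (type, name, value) tuples.
RECORDS = [
    ("A", "ny-ad1.addom.domain.tld", "10.0.0.11"),
    ("PTR", "11.0.0.10.in-addr.arpa", "ny-ad1.addom.domain.tld"),
    ("CNAME", "ntp1.addom.domain.tld", "ny-ad1.addom.domain.tld"),
    ("CNAME", "dns1.addom.domain.tld", "ny-ad1.addom.domain.tld"),
    # Member server whose PTR record was forgotten.
    ("A", "ny-mem-proxy1.addom.domain.tld", "10.0.0.21"),
    # Alias left pointing at a host that does not exist.
    ("CNAME", "gw1.addom.domain.tld", "ny-mem-proxy2.addom.domain.tld"),
]

# Assumed reading of the scheme: Location-AD<nr> or Location-MEM-FUNCTION<nr>.
HOST_RE = re.compile(r"^[a-z]+-(ad\d+|mem-[a-z]+\d+)$")


def audit(records):
    """Return a sorted list of problems found in the host/alias layout."""
    a = {n.lower(): v for t, n, v in records if t == "A"}
    ptr = {n.lower(): v.lower() for t, n, v in records if t == "PTR"}
    cname = {n.lower(): v.lower() for t, n, v in records if t == "CNAME"}
    problems = []
    for host, ip in a.items():
        # The first DNS label is the "real" computer name.
        label = host.split(".", 1)[0]
        if not HOST_RE.match(label):
            problems.append(f"{host}: name does not follow the scheme")
        # Every real host needs a PTR that maps its address back to it.
        rev = ipaddress.ip_address(ip).reverse_pointer
        if ptr.get(rev) != host:
            problems.append(f"{host}: no matching PTR for {ip}")
    for alias, target in cname.items():
        # An alias must end at a real host, i.e. a name with an A record.
        if target not in a:
            problems.append(f"{alias}: CNAME target {target} has no A record")
    return sorted(problems)


if __name__ == "__main__":
    for line in audit(RECORDS):
        print(line)
```

Aliases that pass this check still need the UPN/SPN review mentioned in the message; the script only looks at DNS.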







