[Samba] Samba upgrade...v4.7.6->4.16.x

Thu Apr 21 23:57:11 UTC 2022

Quick follow-up.

I decided I'd rather keep the DCs and upgrade them in place. 
(Then I don't have to do a bunch of DNS clean-up, change names etc.)

As far as I can tell, upgrading to 20.04, installing Louis' repos and installing the latest Samba (4.15.6, not 4.16.x) worked fine.
samba-tool dbcheck --cross-ncs
and
samba-tool drs showrepl
both show that replication and the databases are good.

---
So, for anyone else in this position - here's how I did it.
(Again, these are VM's, so it's extra easy/quick grabbing backups/snapshots. Bare metal HW will be more difficult.)

Stop Samba
Get a baseline backup/snapshot. (This will save us if we need to go backward. I grabbed snaps at several points, just in case.)

Since Samba is handling all DNS, and I'm not using systemd's resolve - I add in a good DNS resolver in /etc.resolv.conf - so I can resolve DNS while doing updates while Samba's not handling DNS queries. (Don't forget to reverse this once you're done and are ready to restart Samba, at the far end.)

sudo systemctl stop samba-ad-dc
sudo systemctl disable samba-ad-dc

apt-get update
apt-get upgrade and restart - repeat as needed to get fully current.

do-release-upgrade

I kept all my config files - ntp.conf, smb.conf etc. (If you don't, you'll need to redo those configurations - so be careful to keep things straight here.)

(Oh, and in my case, I found I had apparmor installed after the distro upgrade. I didn't want AA, so I removed it. You might check that.)

Once the distro upgrade is done, I believe you'll have 4.13.x of Samba installed.
I don't want to use this, so I remove it.

apt-get remove samba samba-common samba-libs samba-dsdb-modules samba-vfs-modules (I don't have all those installed, but it gets rid of everything regardless.)

Install Louis VanBelle's repo. 
(I'll let you follow his instructions for that.)

apt-get install -t o=AptVanBelle 

apt-get update

Before I install, I make sure I'm getting the right Samba version from the repo...

apt-cache showpkg samba
(Make sure it's what you expect. If not, you may not have added the repo properly, or done an apt-get update.)

apt install samba winbind libnss-winbind libpam-winbind ntp krb5-user binutils ldb-tools smbclient libpam-krb5

testparm 
is good here - check that the smb.conf is what you expect, with no typos etc.

Fix/revert your resolve.conf - to remove non DC's from the list.

Then... (Again, this assumes you're running a DC only, not a member server.)
systemctl disable nmbd smbd winbind 
systemctl stop nmbd smbd winbind 
systemctl unmask samba-ad-dc
systemctl enable samba-ad-dc
systemctl start samba-ad-dc
systemctl status samba-ad-dc

Samba should be started.

samba-tool dbcheck --cross-ncs
samba-tool drs showrepl --summary

The DB check shouldn't find problems, and showrepl should show that replication is good too.
If either of those aren't right, you have some work to do to get everything in good working order.

[It's entirely possible I've got something wrong up there - but I'm pretty sure that's the steps I took and all seemed good.]