[Samba] bind crashes after samba upgrade
Rowland Penny
rpenny at samba.org
Wed Dec 27 16:38:28 UTC 2023
On Wed, 27 Dec 2023 11:26:03 -0500
Sonic <sonicsmith at gmail.com> wrote:
> I did a test with a new Bookworm container and Debian's packaged Samba
> - v4.17 (I believe Debian's packages are now considered OK for
> production - please correct me if I'm wrong).
Perfectly okay, but even better would be to use Samba from
bookworm-backports.
> The DC join of the new 4.17 to the old 4.10 did appear successful -
> the typical "Joined domain <snip> as a DC" was produced. However I did
> revert back as I ran out of time (and energy) to do all the remaining
> housekeeping tasks. Plus I didn't specify the dns-backend or
> use-rfc2307.
You cannot specify '--use-rfc2307' on a DC join, only when you
provision a new domain.
>
> Some things that are not clear to me regarding the DC join of a much
> newer version to an older one:
> If dns-backend is not specified does it default to SAMBA_INTERNAL?
Yes
> Can the new DC use SAMBA_INTERNAL while the old uses BIND9_DLZ?
Yes
> Does the new joined DC use its native updated schema or is the schema
> identical to the old DC?
The schema is replicated from the existing DC.
> Is the "hot-backup of the /usr/local/samba/private/idmap.ldb"
> necessary if one is planning on removing the old DC as soon as the
> roles are transferred and it is demoted?
Yes, if you look in sysvol on a newly joined DC, it is virtually empty,
you must fully populate it by syncing from an existing DC, so you would
need the correct IDs on your new DC.
Rowland
More information about the samba
mailing list