samba - Jan 2023 - Upgrading from Samba 4.8.2 to 4.15.5

I wrote earlier about setting the domain user password minimum to > 14
characters. It was advised that my first step should be to upgrade from Samba
4.8.2 to the most recent version available which for my Slackware 15.0 distro is
4.15.5. This also involved a distro upgrade from Slackware 14.2 to 15.0. 

After upgrading, just for the heck of it, I tried starting Samba without
changing my 4.8.2 configs.  Of course, that didn't work.  My initial error
(of
several) in syslog was:

Jan 28 00:42:52 mail krb5kdc[2725]: Cannot open DB2 database
'/var/kerberos/krb5kdc/principal': No such file or directory - while
initializing database for realm MYDOM.LOCAL

At that point I decided to read the Wiki:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Introduction

Under "Only Applicable if Samba was Previously Installed", it is
telling me to
deleted all my carefully crafted config files and looks like it's going to
lead
me through the steps of re-provisioning.

Before taking that step I thought I'd ask if I really need to do that? Can I
not
just install krb5, etc. and get there step-wise without redoing especially my
/var/lib/samba/private/ named.conf and dns/ files, and re-provisioning?

Thanks --Mark

On 28/01/2023 06:44, Mark Foley via samba wrote:
> I wrote earlier about setting the domain user password minimum to > 14
> characters. It was advised that my first step should be to upgrade from
Samba
> 4.8.2 to the most recent version available which for my Slackware 15.0
distro is
> 4.15.5. This also involved a distro upgrade from Slackware 14.2 to 15.0.
> 
> After upgrading, just for the heck of it, I tried starting Samba without
> changing my 4.8.2 configs.  Of course, that didn't work.  My initial
error (of
> several) in syslog was:
> 
> Jan 28 00:42:52 mail krb5kdc[2725]: Cannot open DB2 database
'/var/kerberos/krb5kdc/principal': No such file or directory - while
initializing database for realm MYDOM.LOCAL
That looks like you also installed a MIT kerberos server as well, a 
Samba domain usually uses the Heimdal kerberos server it comes with.
> 
> At that point I decided to read the Wiki:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller#Introduction
> 
> Under "Only Applicable if Samba was Previously Installed", it is
telling me to
> deleted all my carefully crafted config files and looks like it's going
to lead
> me through the steps of re-provisioning.
> 
> Before taking that step I thought I'd ask if I really need to do that?
Can I not
> just install krb5, etc. and get there step-wise without redoing especially
my
> /var/lib/samba/private/ named.conf and dns/ files, and re-provisioning?
> 
> Thanks --Mark
> 
That wiki page is indeed for setting up a new domain, to join another 
DC, you need this page:

https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory

But before you do anything, I would check if you are running a separate 
kdc and if you are, stop and remove it.
I do hope you are doing this on a different machine to your existing DC.

Rowland