Воронин К.В.
2017-Jul-03 11:49 UTC
[Samba] DNS troubles while manual upgrading Samba3 to Samba4?
Hi, guys.

I have DC on Samba 3.6 working for years so far. Now it's time to go forward, as it can't provide enough security and flexibility. But reading Wiki on classicupgrade I see that there could be hell of problems, and anyway I'm a bit scared of doing that at once. Even though I have more than 200 boxes I'd rather prefer to set up Samba 4 AD DC on separate server, set up new domain and then step by step, department by department join boxes to the new domain. (Does it sound too crazy?)

But there is a major problem with DNS as I can see it: I'll have to set up my new DC as a DNS server for my new domain. But I have DHCP + dynDNS now, so let's presume that during this period when I have 2 domains one box in new domain gets an address from DHCP server, which DNS it should say "I'm XXX" to? It seems that I'll have to have boxes with two different names (pc.domain1 / pc.domain2) but it's impossible.

Is there a/the step-by-step solution? Or is it the only one - just to jump into classicupgrade?

Yours truly,
Konstantin.

Rowland Penny
2017-Jul-03 12:46 UTC
[Samba] DNS troubles while manual upgrading Samba3 to Samba4?
On Mon, 3 Jul 2017 14:49:09 +0300
Воронин К.В. via samba <samba at lists.samba.org> wrote:

> Hi, guys.
>
> I have DC on Samba 3.6 working for years so far.
> Now it's time to go forward, as it can't provide enough security and
> flexibility.
> But reading Wiki on classicupgrade I see that there could be hell of
> problems, and anyway I'm a bit scared of doing that at once. Even
> though I have more than 200 boxes I'd rather prefer to set up
> Samba 4 AD DC on separate server, set up new domain and then step by
> step, department by department join boxes to the new domain. (Does it
> sound too crazy?)

Sounds very sane to me ;-)

It will allow you to fix some of the past errors that Samba allowed, things like giving 'Domain Users' the group ID of '513' for instance.

>
> But there is a major problem with DNS as I can see it: I'll have to
> set up my new DC as a DNS server
> for my new domain. But I have DHCP + dynDNS now, so let's presume
> that during this period when I have 2 domains
> one box in new domain gets an address from DHCP server, which DNS it
> should say "I'm XXX" to? It seems that I'll have to have boxes with
> two different names (pc.domain1 / pc.domain2) but it's impossible.
> Is there a/the step-by-step solution? Or is it the only one - just to
> jump into classicupgrade?

You should be able to work around this, but first you should understand that if you have a registered domain, you should use a subdomain of this for your AD domain, e.g. if your registered domain is 'example.com', you should use something like 'samba.example.com'.

I would use two different IP ranges to try and get around your DHCP problems. One thing you should be aware of: once your clients connect to the AD DC, they will never go back to a PDC.

Rowland