On 26/08/2019 06:06, Andrew Bartlett via samba wrote:> On Mon, 2019-08-26 at 06:54 +0200, gizmo via samba wrote: >> And (re)joining is not recommended ? > We do recommend it: > https://wiki.samba.org/index.php/Upgrading_a_Samba_AD_DC > >> There are so many services and computers connected to the samba server, which are not in my hand. >> Means after I upgraded all our 5 ADs I would have to inform many people about the new name and IP. > The identifier that Rowland is worried about in terms of replication > behaviour is actually the invocationID, and we do not re-use that. > This is actually a problem if this kind of re-join is done > often/automated, as objects in AD keep a list of every DC that every > existed on them! > > But for practical, humans scale operations it is fine. We delete all > the other objects involved (server objects, DC objects etc). If > something isn't being cleaned up then that's a bug, a rejoin with the > same name is normal in Samba. > > I trust this clarifies things, > > Andrew Bartlett >The problem is, if you try to join a DC with the same name as before, it doesn't work. You need to demote the existing DC and then remove ALL mention of it from AD, this isn't a Samba thing, it is an AD thing. From the numerous problems that have been posted on this list about trying to rejoin a D with an existing name, the fix is obvious, always use a new name. Rowland
It is interesting to see two members of the Samba Team disagree. Though I really appreciate the support provided by Rowland a lot, I definitely favor Andrew?s "If something isn't being cleaned up then that's a bug". Best Regards, Joachim -----Urspr?ngliche Nachricht----- Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Rowland penny via samba Gesendet: Monday, 26 August 2019 14:19 An: Andrew Bartlett <abartlet at samba.org> Cc: samba at lists.samba.org Betreff: Re: [Samba] Upgrading samba and OS - can I rejoin ? On 26/08/2019 06:06, Andrew Bartlett via samba wrote:> On Mon, 2019-08-26 at 06:54 +0200, gizmo via samba wrote: >> And (re)joining is not recommended ? > We do recommend it: > https://wiki.samba.org/index.php/Upgrading_a_Samba_AD_DC > >> There are so many services and computers connected to the samba server, which are not in my hand. >> Means after I upgraded all our 5 ADs I would have to inform many people about the new name and IP. > The identifier that Rowland is worried about in terms of replication > behaviour is actually the invocationID, and we do not re-use that. > This is actually a problem if this kind of re-join is done > often/automated, as objects in AD keep a list of every DC that every > existed on them! > > But for practical, humans scale operations it is fine. We delete all > the other objects involved (server objects, DC objects etc). If > something isn't being cleaned up then that's a bug, a rejoin with the > same name is normal in Samba. > > I trust this clarifies things, > > Andrew Bartlett >The problem is, if you try to join a DC with the same name as before, it doesn't work. You need to demote the existing DC and then remove ALL mention of it from AD, this isn't a Samba thing, it is an AD thing. From the numerous problems that have been posted on this list about trying to rejoin a D with an existing name, the fix is obvious, always use a new name. Rowland -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
On 26/08/2019 13:44, Joachim Lindenberg wrote:> It is interesting to see two members of the Samba Team disagree.Just because we are on the same team, this doesn't mean we will agree 100% of the time ;-)> Though I really appreciate the support provided by Rowland a lot, I definitely favor Andrew?s "If something isn't being cleaned up then that's a bug".I never said it wasn't a bug, yes, you should be able to rejoin a DC with the same name, but the standard advice on Windows seems to be 'use a new name'. If you are going to re-use a DC name, then you need to demote the old DC entirely. The only problem is that the old DCs info will still be in deleted objects. Rowland