I used the DC rejoin method as described in the WiKi to upgrade one of my DCs to version 4.11.0. Following the steps, when I came to rejoin the domain, it initially failed, complaining that the DC already existed, but to force the rejoin, remove the files: secrets.ldb and secrets.tdb. I assume you don't demote the DC before the upgrade, as there's no mention of this? Anyway, I removed (actually renamed to .bak) those files and also smb.conf and repeated the rejoin command. This time it succeeded and after correcting errors with samba-tool dbcheck for the new join all looks OK. Does the WikI need updating or did I miss something? Thanks, Roy
On 18/09/2019 12:34, Roy Eastwood via samba wrote:> I used the DC rejoin method as described in the WiKi to upgrade one of my DCs to version 4.11.0. Following the steps, when I came > to rejoin the domain, it initially failed, complaining that the DC already existed, but to force the rejoin, remove the files: > secrets.ldb and secrets.tdb. I assume you don't demote the DC before the upgrade, as there's no mention of this? Anyway, I > removed (actually renamed to .bak) those files and also smb.conf and repeated the rejoin command. This time it succeeded and > after correcting errors with samba-tool dbcheck for the new join all looks OK.You cannot join something that AD still thinks is joined, that is why I think that calling it a rejoin is a misnomer. You need to demote the DC, clean up the Samba directories, upgrade Samba and then join it as a DC again. All you would retain is the hostname and IP.> > Does the WikI need updating or did I miss something? >Yes, the wiki needs updating and no, you didn't miss anything. Rowland
On 18/09/2019 13:10, Rowland penny via samba wrote:> On 18/09/2019 12:34, Roy Eastwood via samba wrote: > > I used the DC rejoin method as described in the WiKi to upgrade one of my DCs to version 4.11.0. Following the steps, when Icame> > to rejoin the domain, it initially failed, complaining that the DC already existed, but to force the rejoin, remove the files: > > secrets.ldb and secrets.tdb. I assume you don't demote the DC before the upgrade, as there's no mention of this? Anyway, I > > removed (actually renamed to .bak) those files and also smb.conf and repeated the rejoin command. This time it succeeded and > > after correcting errors with samba-tool dbcheck for the new join all looks OK. > > You cannot join something that AD still thinks is joined, that is why I > think that calling it a rejoin is a misnomer. > > You need to demote the DC, clean up the Samba directories, upgrade Samba > and then join it as a DC again. All you would retain is the hostname and IP. > > > > > Does the WikI need updating or did I miss something? > > > Yes, the wiki needs updating and no, you didn't miss anything. > > RowlandThanks Rowland. Whilst what I did seems to have succeeded, do you think I should repeat the process as you describe - ie demote, clean up and join again? Roy