I have a particular AD domain which, due to hardware- and OS-related issues, is still at version 4.8.12. It is finally possible to upgrade the system. If I add a new version 4.19 DC to the domain, will it replicate correctly from version 4.8.12, or will I need to upgrade in phases, from major version to major version? The current DCs would then be removed from the domain and scrapped. Any tips, in particular those coming from direct experience with a similar situation, would be much appreciated.
11.10.2023 12:04, miguel medalha via samba :> I have a particular AD domain which, due to hardware- and OS-related issues, > is still at version 4.8.12. > > It is finally possible to upgrade the system. If I add a new version 4.19 DC > to the domain, will it replicate correctly from version 4.8.12, or will I > need to upgrade in phases, from major version to major version?It should just work. I can't say it will, for this particular combination, but generally it works fine. You can try to join and see. There should be nothing bad happening to the existing DCs. Personally I'm a bit cautious to use a .0 version (4.19.0 is a first release of 4.19 ever, and 4.19.1 does not count as it is an un-planned security-only bugfix release), but this might be just me. In the past first releases in the next series did have issues. /mjt> The current DCs would then be removed from the domain and scrapped. > > Any tips, in particular those coming from direct experience with a similar > situation, would be much appreciated. > > >
On Wed, 2023-10-11 at 10:04 +0100, miguel medalha via samba wrote:> I have a particular AD domain which, due to hardware- and OS-related issues, > is still at version 4.8.12. > > It is finally possible to upgrade the system. If I add a new version 4.19 DC > to the domain, will it replicate correctly from version 4.8.12, or will I > need to upgrade in phases, from major version to major version? > > The current DCs would then be removed from the domain and scrapped. > > Any tips, in particular those coming from direct experience with a similar > situation, would be much appreciated.It should be OK. ?Use samba-tool ldapcmp to check you got everything correctly replicated, but it should work fine. We have logic to detect and work around some of the problem combinations and even did work to upgrade Samba 4.4 domains recently.? Andrew Bartlett -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Developer, Catalyst IT https://catalyst.net.nz/services/samba