On Mon, 27 Nov 2023 15:24:06 +1300 Andrew Bartlett via samba <samba at lists.samba.org> wrote:> On Sun, 2023-11-26 at 21:03 -0500, James Johnson via samba wrote: > > Hello! > > I've encountered a CentOS 6.10 server running Samba 4.1.0 compiled > > fromsource running as a Domain Controller in a small office. It's > > being usedfor some basic AD functionality and sharing folders to a > > half dozen Windowsdesktops on the local network and everything seems > > to be running fine. I'dlike to modernize that setup with Ubuntu > > 22.04 LTS running the latest andgreatest Samba 4.19.X from repo but > > I'm not sure what the least terribleoption is in my case. > > - Backup and Upgrade Samba 4.1.0 to whatever the latest is that I > > can on CentOS 6.10, join the Ubuntu server as a DC with that Samba > > same version, demote/retire the CentOS server then upgrade Samba > > on Ubuntu to the latest and greatest? > > This might work. It would at least get you an in-place upgrade for > some of the distance, but will be a pile of work and the server won't > operate in the meantime, and you might just end up with no running > server. > > > - Backup CentOS Samba 4.1.0 files, setup Ubuntu server with Samba > > 4.1 from repo, restore CentOS Samba 4.1.0 files to new Ubuntu > > Samba 4.1.0 server and then upgrade to latest Samba? Basically > > would be recovering it there like a DR exercise with the Ubuntu > > server having the same name, same IP, etc? > > This is difficult to get correct. I wouldn't recommend it. > > > - Create everything new on the Ubuntu server w/ a new Domain and > > join all the workstations there? > > If this isn't a horrible process there are advantages to this, as all > the changes Samba has made to the default domain will apply. > > > - Other less terrible options that could work? > > Just install your new server, join and transfer roles. There is a > very good chance this will still 'just work'. > But regardless, for all options other than a rebuild, you will want to > upgrade schema and functional level prep. Lots of things to do once > you upgrade, but upgrading is the best first step. > Andrew Bartlett-- > Andrew Bartlett (he/him) https://samba.org/~abartlet/ > Samba Team Member (since 2001) https://samba.org > Samba Team Lead https://catalyst.net.nz/services/samba > Catalyst.Net Ltd > > > Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group > company > > Samba Development and Support: https://catalyst.net.nz/services/samba > > Catalyst IT - Expert Open Source Solutions > > >From what I can see, there is one DC running on Centos 6 with Samba 4.1.0, there are only 6 clients. This is what I would do and it will probably be the quickest way: Set up a new DC on Debian 12, using Samba from backports, this will get you a very recent version of Samba. Create your users and groups in the new AD Domain. On the clients, leave the domain and then join the new domain. Demote the old DC and then turn into a Unix domain member, sort out the permissions on the data you have stored on it (I get the feeling that you are using the old DC as a fileserver as well). Create yet another Samba machine and join this as another DC (one DC is a bad idea, two or more is good). Any questions ? Rowland
Thanks to you both for your ideas and input. I get the feeling that doing a new domain with the latest and greatest may be the overall best way forward even if there's some short term inconvenience with users' machines and settings. I'm going to spin up a Debian 12 instance and play around with this in my lab and see what I can figure out. Hopefully, I'll be able to report some (relatively painless?) good news in the next few weeks. Thank you! Jim On Mon, Nov 27, 2023 at 5:39?AM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Mon, 27 Nov 2023 15:24:06 +1300 > Andrew Bartlett via samba <samba at lists.samba.org> wrote: > > > On Sun, 2023-11-26 at 21:03 -0500, James Johnson via samba wrote: > > > Hello! > > > I've encountered a CentOS 6.10 server running Samba 4.1.0 compiled > > > fromsource running as a Domain Controller in a small office. It's > > > being usedfor some basic AD functionality and sharing folders to a > > > half dozen Windowsdesktops on the local network and everything seems > > > to be running fine. I'dlike to modernize that setup with Ubuntu > > > 22.04 LTS running the latest andgreatest Samba 4.19.X from repo but > > > I'm not sure what the least terribleoption is in my case. > > > - Backup and Upgrade Samba 4.1.0 to whatever the latest is that I > > > can on CentOS 6.10, join the Ubuntu server as a DC with that Samba > > > same version, demote/retire the CentOS server then upgrade Samba > > > on Ubuntu to the latest and greatest? > > > > This might work. It would at least get you an in-place upgrade for > > some of the distance, but will be a pile of work and the server won't > > operate in the meantime, and you might just end up with no running > > server. > > > > > - Backup CentOS Samba 4.1.0 files, setup Ubuntu server with Samba > > > 4.1 from repo, restore CentOS Samba 4.1.0 files to new Ubuntu > > > Samba 4.1.0 server and then upgrade to latest Samba? Basically > > > would be recovering it there like a DR exercise with the Ubuntu > > > server having the same name, same IP, etc? > > > > This is difficult to get correct. I wouldn't recommend it. > > > > > - Create everything new on the Ubuntu server w/ a new Domain and > > > join all the workstations there? > > > > If this isn't a horrible process there are advantages to this, as all > > the changes Samba has made to the default domain will apply. > > > > > - Other less terrible options that could work? > > > > Just install your new server, join and transfer roles. There is a > > very good chance this will still 'just work'. > > But regardless, for all options other than a rebuild, you will want to > > upgrade schema and functional level prep. Lots of things to do once > > you upgrade, but upgrading is the best first step. > > Andrew Bartlett-- > > Andrew Bartlett (he/him) https://samba.org/~abartlet/ > > Samba Team Member (since 2001) https://samba.org > > Samba Team Lead https://catalyst.net.nz/services/samba > > Catalyst.Net Ltd > > > > > > Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group > > company > > > > Samba Development and Support: https://catalyst.net.nz/services/samba > > > > Catalyst IT - Expert Open Source Solutions > > > > > > > > From what I can see, there is one DC running on Centos 6 with Samba > 4.1.0, there are only 6 clients. > > This is what I would do and it will probably be the quickest way: > > Set up a new DC on Debian 12, using Samba from backports, this will get > you a very recent version of Samba. > > Create your users and groups in the new AD Domain. > > On the clients, leave the domain and then join the new domain. > > Demote the old DC and then turn into a Unix domain member, sort out the > permissions on the data you have stored on it (I get the feeling that > you are using the old DC as a fileserver as well). > > Create yet another Samba machine and join this as another DC (one DC is > a bad idea, two or more is good). > > Any questions ? > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On Mon, 2023-11-27 at 10:38 +0000, Rowland Penny via samba wrote:> From what I can see, there is one DC running on Centos 6 with > Samba4.1.0, there are only 6 clients. > This is what I would do and it will probably be the quickest way: > Set up a new DC on Debian 12, using Samba from backports, this will > getyou a very recent version of Samba. > Create your users and groups in the new AD Domain. > On the clients, leave the domain and then join the new domain. > Demote the old DC and then turn into a Unix domain member, sort out > thepermissions on the data you have stored on it (I get the feeling > thatyou are using the old DC as a fileserver as well). > Create yet another Samba machine and join this as another DC (one DC > isa bad idea, two or more is good). > Any questions ?Thanks Rowland, I strongly agree this is the best approach at such a small scale. -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Team Lead https://catalyst.net.nz/services/samba Catalyst.Net Ltd Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group company Samba Development and Support: https://catalyst.net.nz/services/samba Catalyst IT - Expert Open Source Solutions