02.12.2017 22:13, mj via samba пишет:

why not simply add new DCs to current production domain?
Because we were facing corruption issues on the 4.5 DCs, upgrading those to 4.7 didn't work out.

corruption/replication issues on 4.5 production servers between each 4.5 before try to upgrade?
I have an old 4.1 DCs with "internal dns inconsistent" status now.

 We tried, but faced replication issues, and
commands like samba-tool drs showrepl no longer showed any output, or python errrors and timeouts. Also fsmo transfer failed with timeout issues.

Ok, I understand, thanks for the clarification.

I'm thinking about way to upgrade too, but using "separated environment"
Just a different VLAN with only the DCs.

different VLAN, but with same addresses/network mask? without gateway with main network, ok.

After some practising and taking notes, I could do it in just a few hours for our three DCs. :-)

i.e. you can try free in diffrenet vlan for some time (restore, try, delete and next attempt), and, when ready, start replacing new copy of production domain? ok...


