Re: [Samba] AD DCs Upgrade

On Mon, 5 Mar 2018 10:39:53 +0000
Paul Littlefield via samba <samba@xxxxxxxxxxxxxxx> wrote:

> I am planning to upgrade the DCs using the join and promote method.
> List of DCs
> -----------
> 1) SAMBA1
> 2) SAMBA2
> 3) DC1
> 4) DC2
> Currently SAMBA1 is the PDC and SAMBA2 is the "SDC" and are in sync

No, SAMBA1 is a DC and SAMBA2 is another DC.

> with replication and rsync sysvol. DCs SAMBA1 and SAMBA2 are 4.1 git
> releases with AD Schema version 47.
> My plan to get to AD Schema version 69 was...
> 0. Add entries to the DHCP Server for the 2 new DCs for DNS.

Er no, your DCs shouldn't be getting their IP via DHCP, they should
have a fixed IP.

> 1. Demote SAMBA2 and shut down computer.

Why ? You could do this once the new DCs are up and running.

> 2. Join DC1 (Samba 4.7) to the domain and check replication.

This should work.

> 3. Promote and Seize FSMO roles on DC1 to be PDC.

You should try to transfer the FSMO roles first and this will not make
it the PDC, it will just make it the DC with all the FSMO roles, a PDC
is something else entirely.

> 4. Demote SAMBA1 (already done?) and shut down computer.

If you want to remove SAMBA1, you will need to demote it, it will not
be done automatically.

> 5. Join DC2 (Samba 4.7) to the domain and check replication.
> 6. Check all computers for correct DNS etc etc etc.

I would only demote and remove the two old DCs once the two new ones
are working correctly. You will also need to sync sysvol between the
old and new DCs

Finally, you will still be using schema version 47


