[Freeipa-users] Cannot create users on platform migration: sambaSID failure

Hi, I'm trying to upgrade an ancient master replica (the CA master) running FreeIPA 4.5 on CentOS 7.4. Upgrading the freeipa packages in-place (in a cloned VM) caused numerous problems so I'm trying to create a new master replica on a fresh Fedora 39, using the "Migrating to different platform or OS" procedure described on https://www.freeipa.org/page/Howto/Migration At first sight the new replica appears to work, but user creation fails, both on the web and command-line, with: ipa user-add --first=Testy --last=McTestface teste123 ipa: ERROR: missing attribute "sambaSID" required by object class "sambaSamAccount" Web searches seem to suggest this is due to a missing DNA plugin that should autogenerate the sambaSIDs, but I failed to find a guide on how to enable that plugin with current IPA (4.11). Should it be enabled automatically? Unless it's used for something internal to IPA I don't think we actually are even using AD integration or SMB shares, so removing Samba support altogether would also be an option, but I don't know what's the safe way of doing that to the schema either. Thanks for your help!