Additional Domain and Directory Replication

Thu Feb 11 03:37:34 MST 2010

Please ignore the previous mail there was some confusion about the 
"sysvol replication"

Sorry for the inconvenience

On 2/11/2010 3:36 PM, Rohit Rajan wrote:
> More words on this the sysvol GPO are replicating without rsync, i 
> just mimic the permissions from the win2k3 server on to the samba4 AD 
> sysvol and they are working fine, but again the challange is that this 
> only works when both the domain controllers are running in a single 
> command and not in daemon mode.
>
>
> On 2/11/2010 3:13 PM, Rohit Rajan wrote:
>> Hi,
>>
>> More update on this, i started monitoring logs and see some strange 
>> thing, i can see all the replication is working fine but the moment i 
>> make any changes to any of the server Eg: password change or moving 
>> user to different ou or making changes to GPO the replication failed 
>> with the error
>>
>> dreplsrv_notify: Failed to send DsReplicaSync to 
>> d31f3b1a-adac-4c12-b9ef-342add7a5d65._msdcs.xxx.com for DC=xxx,DC=com 
>> - NT_STATUS_NET_WRITE_FAULT
>>
>> but when i kill samba and run it in "samba -i -M single -d4" i can 
>> see every thing goes fine all the changes replicated and now i can 
>> start samba with samba -D options and every thing is fine.
>>
>>
>>
>> On 2/10/2010 4:51 PM, Andrew Bartlett wrote:
>>> On Wed, 2010-02-10 at 16:41 +0530, Rohit Rajan wrote:
>>>> Hi All,
>>>>
>>>> Today i have configured 2 servers  Samba("4.0.0alpha12-GIT-580f955")
>>>> first i tried to configure the replication and it didn't work with the
>>>> normal configure script, later on i decided to do a 
>>>> configure.developer
>>>> and then configured the Directory replication, as off now no 
>>>> errors, and
>>>> everything is going fine except the Group policies do not 
>>>> replicatea and
>>>> the shares i have created in smb.conf.
>>> It's very odd that 'configure.developer' makes it work.  We need to 
>>> look
>>> into this.
>>>
>>>> both the above mentioned changes i have made after the domains are
>>>> vampired successfully
>>>>
>>>> Means i have configured samba domain, vmapired them, checked the
>>>> replication and then i went and created the new GPO on a new OU, i can
>>>> see lots of activity going in the logs, once i started making 
>>>> changes to
>>>> the GPO or created, but in the end the directory "Policies" is not
>>>> replicated to the 2nd domain.
>>> Correct.  Samba4 does not address the issue of filesystem replication
>>> for the netlogon share.  This can be done manually with rsync for now,
>>> until we implement the required protocolss.
>>>
>>>> Also if i click on the check box of Global Catalog of the 2nd DC, from
>>>> the "Active Directory Sites and Services" would it become GC, 
>>>> because by
>>>> default its not check for the 2nd DC
>>> It may well - at startup, we check the directory to see if we should
>>> listen on the GC port.  We serve the same content on both ports (it's a
>>> kludge...)
>>>
>>>> Also if someone can through a light on DNS configuration for the
>>>> additional domain controller. so that the winxp machines on then 
>>>> network
>>>> can find it in the absence of the 1st DC would be great
>>> See scripting/devel for some scripts to assist with this, until we get
>>> more of the DNS stuff working and automated.
>>>
>>> Andrew Bartlett
>>>
>>
>> This message may contain confidential, proprietary or legally 
>> privileged information. In case you are not the original intended 
>> recipient of the message, you must not, directly or indirectly, use, 
>> disclose, distribute, print, or copy any part of this message and you 
>> are requested to delete it and inform the sender.
>> Any views expressed in this message are those of the individual 
>> sender unless otherwise stated. Nothing contained in this message 
>> shall be construed as an offer or acceptance of any offer by 
>> "Catalyst Business Partners" or any of its subsidiaries unless sent 
>> with that express intent and with due authority of Catalyst Business 
>> Partners.
>> Catalyst Business Partners has taken sufficient measures and 
>> precautions to prevent the spread of viruses. However the company 
>> accepts no liability for any damage caused by any virus transmitted 
>> by this email.
>>
>
> This message may contain confidential, proprietary or legally 
> privileged information. In case you are not the original intended 
> recipient of the message, you must not, directly or indirectly, use, 
> disclose, distribute, print, or copy any part of this message and you 
> are requested to delete it and inform the sender.
> Any views expressed in this message are those of the individual sender 
> unless otherwise stated. Nothing contained in this message shall be 
> construed as an offer or acceptance of any offer by "Catalyst Business 
> Partners" or any of its subsidiaries unless sent with that express 
> intent and with due authority of Catalyst Business Partners.
> Catalyst Business Partners has taken sufficient measures and 
> precautions to prevent the spread of viruses. However the company 
> accepts no liability for any damage caused by any virus transmitted by 
> this email.
>

This message may contain confidential, proprietary or legally privileged information. In case you are not the original intended recipient of the message, you must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message and you are requested to delete it and inform the sender. 

Any views expressed in this message are those of the individual sender unless otherwise stated. Nothing contained in this message shall be construed as an offer or acceptance of any offer by "Catalyst Business Partners" or any of its subsidiaries unless sent with that express intent and with due authority of Catalyst Business Partners. 

Catalyst Business Partners has taken sufficient measures and precautions to prevent the spread of viruses. However the company accepts no liability for any damage caused by any virus transmitted by this email.