Sysvol replication

Kev Latimer klatimer at tolent.co.uk
Tue Apr 24 01:53:48 MDT 2012 

Thanks for the script (and apologies for the delay in the thanks!), your 
bash is definitely better than mine but I'll put it to use and see if 
there's anything I can do to improve or expand on it.  I like your 
approach and it might be a good fit for me (I don't have a huge domain 
and a limited number of admins).  Thinking aloud, I may do a 
mix-and-match, perhaps using NFS on intra-site DC's and rsync 
"beachhead" DC's into the remote staging directory to keep the number of 
potentially unique sysvol entries to a minimum.

Thaks for your reply Matthieu, much appreciated.

On 19/04/2012 18:22, Matthieu Patou wrote:
> Hello Kev,
>
> On 04/19/2012 04:07 AM, Kev Latimer wrote:
>> Just wondering what the current best practice is for sysvol 
>> replication across Samba4 DC's?
>>
> So my recommendation is to use rsync and csync, with a staging directory.
>
> What I do is that on a given DC I rsync all other DC sysvol in the 
> staging directory, and then from the staging to the real sysvol 
> directory with csync.
>
> The reason for using rsync is that it copies the file and the exended 
> attributes and that very important as Samba DC stores NTACLs in 
> extended attribute (mostly), but in my tries it was not doing a great 
> job doing the 2 way sync and keeping the "latest version" of the file.
> I found csync being quite good at this, that why the sync between the 
> staging and the live directory is done with csync.
>
>> If there is no best practice, what do other people do to ensure 
>> sysvol is replicated properly across their samba DC's?
>>
>> My first thought was a cron'ed rsync, but I'm not sure how that would 
>> deal with the xattr's when it made it to the other DC's and there is 
>> always the potential for it to be out of date should it be updated on 
>> multiple GPO's.
>>
>> From the other end of the spectrum, I thought about designating one 
>> DC (the first DC in the domain) to have the "master" sysvol and 
>> exporting it via. NFS but again, not sure how this would get along 
>> with xattr.
>>
>> What does everyone else do?  I've done a little googling but the 
>> limited useful results I've found have generally been from a number 
>> of years ago and figure with the fast-moving target that is Samba4, 
>> it might be good to get an up-to-date set of ideas on this.
>>
> I have a script but it definitely need rewrite to make it really 
> useful, I don't have time to work on this right now I just attached a 
> cleaned version that should work if you adapt the paths.
>
> This script has still a massive issue that it expect UID and GID to be 
> the same which is not always the case, I think it's possible to 
> overcome the issue but it hasn't been done so far.
>
> Matthieu.
>


-- 
Kev

More information about the samba-technical mailing list