[Samba] sysvol replication via clustered/distributed file system

Michael Brown michael at netdirect.ca
Tue Feb 4 20:29:01 MST 2014 

‎Seconded. What I've done on the admittedly small setups so far (not the 1400 RODC deployment) is configure the active DFS owner as read-write and rsync over to the other DCs. And the other DCs have the sysvol share configured read-only.

DFS takes care of directing clients to the RW server should they need to write.

It's worked well so far, there's obviously not a lot of change in the share so a bit of manual intervention when ‎you need to write is acceptable.

M.

Sent from my BlackBerry 10 smartphone.
  Original Message  
From: Andrew Bartlett
Sent: Tuesday, February 4, 2014 21:29
To: Thoralf Schulze‎
Reply To: Andrew Bartlett
Cc: samba at lists.samba.org
Subject: Re: [Samba] sysvol replication via clustered/distributed file system

On Tue, 2014-02-04 at 12:38 +0100, Thoralf Schulze wrote:
> hi there,
> 
> the samba wiki currently recommends using rsync to achieve sysvol
> replication in an ad dc setup with more than one dc.
> 
> this seems a bit kludgy to me … using some sort of a distributed file
> system would probably be a more elegant solution. while researching
> this, i came across a few threads on this list, but unfortunately none
> of them provides a definite answer to which setup works to what extend
> and what is to be avoided.
> 
> i guess that the following preconditions have to be met (please correct
> me if i'm wrong):
> * posix acls have to be supported on the fs level
> * during writes, files must be transparently locked on the fs layer
> * read- and write-operations on the shared file system should be
> non-blocking, even if a node/brick is temporarily not available or goes
> down during reads/writes
> 
> glusterfs, lustre and even drbd with something appropriate on top might
> be feasible options … it would be really great if we could share some
> experiences here.

The issue is that using a cluster file system with Samba requires CTDB
to be able to do it safely, and CTDB and the AD DC are incompatible, so
this isn't a useful way forward.

What we need is for someone with a lot of time and talent to step up and
take on the DFS-R work. We have some progress here, but much more needs
to be done. 

Sorry,

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba




-- 
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list