[Samba] sysvol replication and posix uid / gid mapping

Henrik Langos hlangos-samba at innominate.com
Fri Jun 20 01:51:48 MDT 2014


I just found out the hard way that sysvol replication with rsync stoped 
working when I activated winbind (libnss-winbind actually) on my primary 

Originally I hadn't planed to activate winbind on the primary AD DC 
since that machine was not meant to provide any shares.
What I hadn't thought of was the fact that GPOs reside as files on the 
sysvol share and thus are subject to the same rules as any other files. 
Now I activated winbind and those files now belong to a non-numeric 
group and rsync complains.

Maybe a hint in that regard on 
https://wiki.samba.org/index.php/SysVol_Replication would be nice.

What is the best practice in regard to all those groups like "Domain 
Admins" "Printer Operators" and so on?
Should those get posix uid/gid numbers? Could somebody point me in the 
right direction?


More information about the samba mailing list