[Samba] sysvol replication and posix uid / gid mapping

L.P.H. van Belle belle at bazuin.nl
Fri Jun 20 01:58:36 MDT 2014


I suggest try my script or if you not on ubuntu/debian read the script and adapt it to your os.
Maybe this works for you with the winbind setup, i dont know but you can try it. 
Im using this now for about 1 month without problems, and i can change GPO settings on any DC now. 


Best regards, 


>-----Oorspronkelijk bericht-----
>Van: hlangos-samba at innominate.com 
>[mailto:samba-bounces at lists.samba.org] Namens Henrik Langos
>Verzonden: vrijdag 20 juni 2014 9:52
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] sysvol replication and posix uid / gid mapping
>I just found out the hard way that sysvol replication with 
>rsync stoped 
>working when I activated winbind (libnss-winbind actually) on 
>my primary 
>Originally I hadn't planed to activate winbind on the primary AD DC 
>since that machine was not meant to provide any shares.
>What I hadn't thought of was the fact that GPOs reside as files on the 
>sysvol share and thus are subject to the same rules as any 
>other files. 
>Now I activated winbind and those files now belong to a non-numeric 
>group and rsync complains.
>Maybe a hint in that regard on 
>https://wiki.samba.org/index.php/SysVol_Replication would be nice.
>What is the best practice in regard to all those groups like "Domain 
>Admins" "Printer Operators" and so on?
>Should those get posix uid/gid numbers? Could somebody point me in the 
>right direction?
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list