[Samba] sysvol replication and posix uid / gid mapping
L.P.H. van Belle
belle at bazuin.nl
Fri Jun 20 01:58:36 MDT 2014
Hai,
I suggest try my script or if you not on ubuntu/debian read the script and adapt it to your os.
Maybe this works for you with the winbind setup, i dont know but you can try it.
Im using this now for about 1 month without problems, and i can change GPO settings on any DC now.
https://secure.bazuin.nl/scripts/3-setup-sysvol-bidirectional.sh
Best regards,
Louis
>-----Oorspronkelijk bericht-----
>Van: hlangos-samba at innominate.com
>[mailto:samba-bounces at lists.samba.org] Namens Henrik Langos
>Verzonden: vrijdag 20 juni 2014 9:52
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] sysvol replication and posix uid / gid mapping
>
>Hi,
>
>I just found out the hard way that sysvol replication with
>rsync stoped
>working when I activated winbind (libnss-winbind actually) on
>my primary
>AD DC.
>
>Originally I hadn't planed to activate winbind on the primary AD DC
>since that machine was not meant to provide any shares.
>What I hadn't thought of was the fact that GPOs reside as files on the
>sysvol share and thus are subject to the same rules as any
>other files.
>Now I activated winbind and those files now belong to a non-numeric
>group and rsync complains.
>
>Maybe a hint in that regard on
>https://wiki.samba.org/index.php/SysVol_Replication would be nice.
>
>What is the best practice in regard to all those groups like "Domain
>Admins" "Printer Operators" and so on?
>Should those get posix uid/gid numbers? Could somebody point me in the
>right direction?
>
>Thanks
>-henrik
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list