[Samba] Sysvol replication with Unison for more than 2 server.

L.P.H. van Belle belle at bazuin.nl
Fri Oct 3 00:45:55 MDT 2014 

Hello Min Wai, 
 
I havent tested it with more than 2 server but in my opionion it should work if you make sure you set gpo and work on 1 machine.
for example. 
 
You work on the sysvol of DC1 only. then you can sync to unlimited DC's. 
you let DC1 do al the syncing. ( the cron job on this machine. ) 
 
With only 2 DC's you can work on both DC's, in this case sync both ways works ok, this i have tested. 
 
to overcome some of the rights issues.. 
The DC's only work as DC, just sysvol as shares ( and netlogon ) 
The 2 DC's i've running, will be accessed only from windows computers. and i have set the following.
 
[sysvol]
        path = /var/lib/samba/sysvol
        read only = No
        acl_xattr:ignore system acl = yes           <==  

http://www.samba.org/samba/docs/man/manpages/vfs_acl_xattr.8.html
If you only access the data via Samba you might set this to yes to achieve better NT ACL compatibility. 
 
and in this case i set my rights from windows on the share, and i dont have any rights problems as far as i have seen. 
 
The acl_xattr is not really needed, but i noticed it made it more easy to setup, since you dont have to look at the linux rights in the background. 
 
Hope this helps you out a but. 
 
Best regards, 
 
Louis
 
 
 


Van: Min Wai Chan [mailto:dcmwai at gmail.com] 
Verzonden: donderdag 2 oktober 2014 17:26
Aan: Rowland Penny; L.P.H. van Belle; samba at lists.samba.org; steve
Onderwerp: Sysvol replication with Unison for more than 2 server.



Dear Louis, 

Just to check...
Would it be possible to have more than 2 DC using Unison to sync?


I was trying to make this to the samba wiki.


But when reading the list I see Rowland talking about the SID and RID issue
Because of built-in group SID is not sync across domain.


Which I think samba should have their own way of dealing this or it will just be a mess in a long run.


Did we have any trick to deal with this built-in group UID/RID temporary?


I remember saw something like io notice/fam to monitor the sysvol and trigger unison when change happen.


but I'm not sure how it would help when you have more than 3 server...


Regards,
Min Wai

More information about the samba mailing list