[Samba] Sysvol replication with Unison for more than 2 server.
Min Wai Chan
dcmwai at gmail.com
Tue Oct 7 06:21:36 MDT 2014
Dear Louis,
Need to double check with you on something.
Why we need to ignore system acl?
acl_xattr:ignore system acl = yes
Wouldn't the ACL on sysvol help us in most of the case?
When ACL removed the files and folder are with the basic Unix ACL which
don't have the extended ACL...
The linux right in the backgound meant?
Thank You.
On Fri, Oct 3, 2014 at 2:45 PM, L.P.H. van Belle <belle at bazuin.nl> wrote:
> Hello Min Wai,
>
> I havent tested it with more than 2 server but in my opionion it should
> work if you make sure you set gpo and work on 1 machine.
> for example.
>
> You work on the sysvol of DC1 only. then you can sync to unlimited DC's.
> you let DC1 do al the syncing. ( the cron job on this machine. )
>
> With only 2 DC's you can work on both DC's, in this case sync both ways
> works ok, this i have tested.
>
> to overcome some of the rights issues..
> The DC's only work as DC, just sysvol as shares ( and netlogon )
> The 2 DC's i've running, will be accessed only from windows computers. and
> i have set the following.
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
> acl_xattr:ignore system acl = yes <==
>
> http://www.samba.org/samba/docs/man/manpages/vfs_acl_xattr.8.html
> If you only access the data via Samba you might set this to yes to achieve
> better NT ACL compatibility.
>
> and in this case i set my rights from windows on the share, and i dont
> have any rights problems as far as i have seen.
>
> The acl_xattr is not really needed, but i noticed it made it more easy to
> setup, since you dont have to look at the linux rights in the background.
>
> Hope this helps you out a but.
>
> Best regards,
>
> Louis
>
>
>
>
>
> Van: Min Wai Chan [mailto:dcmwai at gmail.com]
> Verzonden: donderdag 2 oktober 2014 17:26
> Aan: Rowland Penny; L.P.H. van Belle; samba at lists.samba.org; steve
> Onderwerp: Sysvol replication with Unison for more than 2 server.
>
>
>
> Dear Louis,
>
> Just to check...
> Would it be possible to have more than 2 DC using Unison to sync?
>
>
> I was trying to make this to the samba wiki.
>
>
> But when reading the list I see Rowland talking about the SID and RID issue
> Because of built-in group SID is not sync across domain.
>
>
> Which I think samba should have their own way of dealing this or it will
> just be a mess in a long run.
>
>
> Did we have any trick to deal with this built-in group UID/RID temporary?
>
>
> I remember saw something like io notice/fam to monitor the sysvol and
> trigger unison when change happen.
>
>
> but I'm not sure how it would help when you have more than 3 server...
>
>
> Regards,
> Min Wai
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list