[Samba] Sysvol replication with Unison for more than 2 server.

L.P.H. van Belle belle at bazuin.nl
Tue Oct 7 07:48:54 MDT 2014

Putting you home folder on sysvol wil mess up the needed acl's and you wil have lots or problems. 

and it is very adviced to not useing a DC as file server. 
install a member server and put your files on that server. 

only 1 server ( aka hardware ), get XEN server ( its free and easy ) google for it.
and install 2 DC's and 1 file server.  
only thing you need is about 16Gb Ram. about 2-4Gb XenServer, 2 x 4 GB for the DC's. 
last 4GB for you member server. and since ram is cheap.. 

I've done some testing on a Dell Vostro 230 ( Pentium G cpu, 2x2.8Gz.)
on 1 sata disk and even that is ok in performance. 
Just dont use a setup like this in a production environment. 


>-----Oorspronkelijk bericht-----
>Van: dcmwai at gmail.com [mailto:samba-bounces at lists.samba.org] 
>Namens Min Wai Chan
>Verzonden: dinsdag 7 oktober 2014 14:24
>Aan: James
>CC: samba at lists.samba.org
>Onderwerp: Re: [Samba] Sysvol replication with Unison for more 
>than 2 server.
>Dear James,
>I think we need to understand more about your setup...
>1. Sysvol shouldn't be the holder for your home directory or 
>My Documents.
>- It should be the files for Domain Control and all the Group 
>Policy Object
>2. Sysvol should only hold GPO stuff and not other...
>On Tue, Oct 7, 2014 at 8:06 PM, James <lingpanda101 at gmail.com> wrote:
>> Hi Steve,
>>     Unfortunately no. I have to manually go into each folder 
>that has been
>> affected to remove and reapply the users ACL's. The same 
>with user groups.
>> I don't believe built in users or groups has been affected. I've also
>> noticed one of my shares no longer displays in the Windows computer
>> management screen under shares. I'll have to sort that out. 
>This all stems
>> from redirecting users My Documents and Favorites to a 
>share. Let it be
>> known I'm not using Unison but just Rsync to keep the sysvol 
>> On 10/7/2014 2:21 AM, steve wrote:
>>> On 06/10/14 19:11, James wrote:
>>>> I did no run sysvolreset. Thanks for the heads up.
>>> Hi James
>>> Could you feed us back and tell us if this solved it?
>>> Cheers,
>>> Steve
>>>> On 10/6/2014 12:27 PM, steve wrote:
>>>>> On 06/10/14 16:48, James wrote:
>>>>>> Thanks Steve. I noticed after making the change on 
>existing DC's I have
>>>>>> some file permissions I need to clean up. Users unable to access
>>>>>> documents due to folder redirect to DC. Removing and 
>applying the user
>>>>>> ACL rights resolves it. I figured this would be an issue 
>but anything
>>>>>> else that may creep up I'm not aware of?
>>>>>> On 10/6/2014 1:52 AM, steve wrote:
>>>>>>> On 06/10/14 03:26, James wrote:
>>>>>>>> How often would one need to sync the file across DC's?
>>>>>>> Once.
>>>>>>  Can't think of any. It's usually just a case if copy 
>the idmap db and
>>>>> then a samba-tool ntacl sysvolreset. Maybe you missed the latter?
>>>>> HTH,
>>>>> Steve
>> --
>> -James
>To unsubscribe from this list go to the following URL and read the
>instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list