[Samba] Syncing Sysvol

Jonathon Reinhart jonathon.reinhart at gmail.com
Tue Jul 16 13:02:15 UTC 2019


Rowland,

You could go another step further and run that with "notify" to
monitor for changes, instead of having to run it in a cron job. In my
experience, "notify" works using smbclient, but not so with
libsmbclient.

Another nice benefit of using smbclient + 'samba-tool ntacl
sysvolreset' over rsync is that you don't need to worry about the
built-in user/group ID mappings, as documented here:
https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings

Jonathon



On Tue, Jul 16, 2019 at 8:11 AM Rowland penny via samba
<samba at lists.samba.org> wrote:
>
> Hi, in this thread:
> https://lists.samba.org/archive/samba/2019-July/224365.html
>
> Joachim Lindenberg reminded me that he was using smbclient to sync Sysvol.
>
> He posted (in the link above) a link to his original post:
>
> https://lists.samba.org/archive/samba/2019-July/224346.html
>
> Here he posted a copy of his script. I personally would never have
> thought about using smbclient, but it just goes to show how inventive
> Samba users are.
>
> I have tested the script (and altered it slightly), it seems to work, so
> here is my version:
>
> #------- script start ---------------------
> #!/bin/bash
> # prerequisite: apt-get install smbclient
>
> # you need to be root or use sudo to run this script.
> if [ "$EUID" -ne 0 ]; then
>      echo "Please run as root, or use sudo. Exiting now..."
>      exit 1
> fi
>
> sysvol="$(samba -b | grep "STATEDIR" | awk '{print $NF}')/sysvol"
> [[ -d $sysvol ]] || exit
>
> pdc=$(host -t SRV _ldap._tcp.pdc._msdcs."$(hostname -d)" | awk '{print $NF}' | awk -F '.' '{print $1}')
> thisdc=$(hostname -s)
> if [ "$thisdc" = "$pdc" ]; then
>      echo "This is the DC holding the PDC Emulator role"
>      echo "Cannot continue...Exiting."
>      exit
> fi
>
> if [ ! -d /tmp/samba ]; then
>      mkdir /tmp/samba
>      if [ "$?" != 0 ]; then
>          exit
>      fi
> fi
>
> if [ ! -f /tmp/samba/olddir ]; then
>      echo '0' > /tmp/samba/olddir
> fi
>
> smbclient --machine-pass -e --max-protocol SMB3 \\\\"$pdc"\\sysvol -c "prompt; recurse; dir *" >/tmp/samba/newdir
>
> cmp /tmp/samba/newdir /tmp/samba/olddir > /dev/null 2>&1
> if [ $? -ne 0 ]; then
>      mkdir /tmp/samba/sysvol
>      cd /tmp/samba/sysvol || exit
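>      # Stop if smbclient reports a failure, so the live sysvol is not replaced by a partial copy.
>      smbclient --machine-pass -e --max-protocol SMB3 \\\\"$pdc"\\sysvol -c "prompt; recurse; mget *" || exit 1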
>      mv "$sysvol" "$sysvol.old"
>      mv /tmp/samba/sysvol "$sysvol.old/.."
>      samba-tool ntacl sysvolreset
>      rm -r "$sysvol.old"
>      rm -f /tmp/samba/olddir
>      mv /tmp/samba/newdir /tmp/samba/olddir
> fi
>
> exit 0
> #----------- script end ----------------
>
> My version is a bit simpler and doesn't use ldb-tools.
>
> Rowland
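The quoted script runs as root and keeps its state and download directory at fixed paths under /tmp. As an added example (not part of either post, and not Samba project code), the helpers below create that working directory so that a symlink, a non-directory, or a directory writable by group or others is rejected. The function names, the /var/lib path in the usage comment, and the reliance on GNU stat are assumptions.

```shell
#!/bin/bash
# Added example, not from the original script. Names and paths are hypothetical.

# make_state_dir DIR
# Creates DIR with mode 0700 if it does not exist. If it already exists, it is
# accepted only when it is a real directory (not a symlink), owned by the
# current user, and not writable by group or others. Returns non-zero otherwise.
make_state_dir() {
    local dir="$1" owner mode
    if [ -L "$dir" ]; then
        echo "refusing $dir: is a symlink" >&2
        return 1
    fi
    if [ ! -e "$dir" ]; then
        # No -p: mkdir fails if the path appears between the test and this call.
        mkdir -m 0700 "$dir" || return 1
        return 0
    fi
    [ -d "$dir" ] || { echo "refusing $dir: not a directory" >&2; return 1; }
    owner=$(stat -c '%u' "$dir") || return 1   # GNU stat (assumption)
    mode=$(stat -c '%a' "$dir") || return 1
    if [ "$owner" != "$(id -u)" ]; then
        echo "refusing $dir: owned by uid $owner" >&2
        return 1
    fi
    # Octal digits 2, 3, 6 and 7 carry the write bit; check group and other.
    case "$mode" in
        *[2367]?|*[2367]) echo "refusing $dir: mode $mode" >&2; return 1 ;;
    esac
    return 0
}

# new_staging_dir PARENT
# Prints the path of a fresh, randomly named 0700 directory under PARENT,
# for use as the download target instead of a fixed /tmp/samba/sysvol.
new_staging_dir() {
    mktemp -d "$1/sysvol.XXXXXXXX"
}

# Usage inside the sync script (run as root):
#   state=/var/lib/samba-sysvol-sync      # assumed location outside /tmp
#   make_state_dir "$state" || exit 1
#   stage=$(new_staging_dir "$state") || exit 1
#   cd "$stage" || exit 1
```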