[Samba] Sysvol Replication workaround seems not work
Thomas Kempf
listen at hueper.de
Mon Aug 2 06:13:49 UTC 2021
Am 30.07.2021 um 11:45 schrieb Rowland Penny via samba:
> On Fri, 2021-07-30 at 11:26 +0200, Thomas Kempf via samba wrote:
>>
>> But if i change only Delegation on one Policy - which leads AFAIK to
>> changed ACL on FSMO-DCs sysvol, shouldn't these ACL-Changes be synced
>> to
>> the other DC automatically by Unison ?
>
> If the ACL on disk is changed, then it should be synced, but if the
> changes are only in sam.ldb, then replication should sync the changes.
>
> I do not use the unison method, so cannot really comment on it, have
> you tried one of the other methods ?I switched from rsync replication to unison, because of it is
bidirectional capabilities. Since i only recently started deploying more
GPOs, there were no big problems with unison/rsync.
But before changing sysvol sync back to rsync, i'll have a look into
switching samba version to something more recent, as you suggested.
Thank you for your help up to this point and for clarification of some
facts which where not really clear to me. One thing is still on my list
of big question marks.
Is there anywhere a list of well-known sids, which should have no
gidNumber set, or is DA the only one ?
kind regards
Tom
More information about the samba
mailing list