[Samba] Joining a new Samba AD DC
Mark Foley
mfoley at novatec-inc.com
Tue Jul 25 18:38:47 UTC 2023
> On Jul 24 13:30:11 2023 Rowland Penny via samba <samba at lists.samba.org> wrote:
> > > Next 'samba-tool ntacl sysvolreset', but I had a problem with that:
> > >
> > > # samba-tool ntacl sysvolreset
> > > set_nt_acl_conn: init_files_struct failed: NT_STATUS_OBJECT_NAME_NOT_FOUND
>
> > > What did I do wrong? Note that samba is not yet running.
> >
> > Did you also sync Sysvol ?
> > On a newly joined DC, there is very little in sysvol, it needs to be
> > synced from a DC that holds all the GPO's.
>
> The wiki says, "You will now need to sync Sysvol to the new DC." I thought then
> sysvolreset was that. Is there a wiki/howto on how to sync Sysvol?
To "sync Sysvol to the new DC", can I just rsync from the current DC to the new DC?
rsync -tvr /var/lib/samba/sysvol/ DC1:/var/lib/samba/sysvol
or tar the old sysvol and untar on the new DC?
sysvol has ACLs and ATTRs that I don't think tar or rsync preserves, but I do
have all the ACLs and ATTRs backed up and I could restore those with setattr,
setfacl ... OR is that what 'samba-tool ntacl sysvolreset' is supposed to do?
OR - is there some offical samba tool to sync sysvol?
Thanks --Mark
More information about the samba
mailing list