Hello alain,
Please find attached a script that used to have and that used to work
quite decently.
It might need rework still it's based on rsync + csync so that posix
rights and NTACLs are preserved during the copy.
I haven't touched them since at least 6 to 9 months so maintenance might
be needed.
Matthieu.
On 08/25/2012 10:24 PM, Alain Foucher wrote:
Hello Matthieu,
Thanks for your answer
we'll write the scripts
regards
Alain
- Original Message - From: Matthieu Patou m...@samba.org
To: samba@lists.samba.org
Sent: Sunday, August 26, 2012 4:11 PM
Subject: Re: [Samba] Sysvol Replication in Samba4
On 08/24/2012 07:21 PM, Fouchers's Family wrote:
Hi,
We installed a samba4 AD controller using Gpo for a small group of
users (5 users), everything is OK.
(Samba4 beta 7 on Ubuntu 12.04)
We installed another Samba4 AD controller as a BDC of the first one
with the command samba-tool domain join with succes.
After checking this new installation, we saw that the sysvol share
was not replicated from the PDC and all the Policies are not present
in the BDC.
At this stage of Samba4, is this feature implemented ? Do we do it
manually by shelle scripts ?
No replication is not working yet you have to use scripts to do the
sync.
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
__ Information provenant d'ESET NOD32 Antivirus, version de
la base des signatures de virus 7417 (20120825) __
Le message a été vérifié par ESET NOD32 Antivirus.
http://www.eset.com
--
Matthieu Patou
Samba Team
http://samba.org
#!/bin/bash
#
# Copyright (C) Matthieu Patou m...@matws.net 2011-2012
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
export KRB5CCNAME=/tmp/sync.$$
. /usr/local/etc/ecv/list_dcs
contacteddc=0
me=`hostname -s`
domain=`hostname -d`
PROVISIONDIR=/usr/local/domain/$domain/
STAGING=$PROVISIONDIR/staging
SYSVOL=$PROVISIONDIR/sysvol
# Add some randomness
sleep $(( $RANDOM % 50 ))
rm -rf $STAGING/*
kinit -k -t /etc/krb5.keytab `hostname -s | tr [:lower:] [:upper:]`\$
date +%s $SYSVOL/.flag
for dc in $LIST_DC; do
if [ $dc == $me ]; then
continue
fi
# can we ping this dc ?
ping -c 2 $dc /dev/null 21
if [ $? -ne 0 ]; then
continue
fi
[ ! -f $STAGING/.lastts.$dc ] touch $STAGING/.lastts.$dc
dc_account_name=`echo $me | tr [:lower:] [:upper:]`
rsync -X -u -a $dc_account_name\$@${dc}.${domain}:$SYSVOL
$STAGING
[ $? -ne 0 ] continue
contacteddc=$(($contacteddc + 1))
if [ -f $STAGING/sysvol/.flag ]; then
# A sync is running on another dc ...
now=`date +%s`
ts=`cat $SYSVOL/.flag`
delta=$(( $now - $ts ))
if [ $delta -gt 300 ]; then
echo -ne A sync is already running on $dc for more
than 5 minutes, you should
echo check and if needed remove the following file:
$SYSVOL/.flag
else
sleep $(( $RANDOM % 50 + 20))
rm -rf $STAGING/*
rsync -X -u -a
$dc_account_name\$@${dc}.${domain}:$SYSVOL $STAGING
if [ -f $STAGING/sysvol/.flag ]; then
#echo Sync is running
rm -f $KRB5CCNAME
[ -f $SYSVOL/.flag ] rm $SYSVOL/.flag
exit 0
fi
fi
fi
done
if [ $contacteddc -eq 0 ]; then
if [ -f $STAGING/sysvol/.flag ]; then
rm $STATING/sysvol/.flag
exit 0
fi
fi
csync $STAGING $SYSVOL
cd $STAGING
find . /tmp/listfiles.$$
cd /
while read l; do
nb=`getfattr -d -m $SYSVOL/$l 2/dev/null |wc -l`
nb2=`getfattr -d -m $STAGING/sysvol/$l 2/dev/null |wc -l`
if [ ! -L $STAGING/sysvol/$l -a $nb -eq 0 -a $nb2 -ne 0 ]; then
echo setting acls on $l
getfattr -d -m $STAGING/sysvol/$l 2/dev/null | sed
's@staging/@@' |setfattr --restore=- 2/dev/null
fi
done /tmp/listfiles.$$
rm /tmp/listfiles.$$
rm -f $KRB5CCNAME
[ -f