Re: [Samba] Sysvol Replication in Samba4

Sun, 26 Aug 2012 14:27:25 -0700 

Hello alain,
Please find attached a script that used to have and that used to work quite decently. It might need rework still it's based on rsync + csync so that posix rights and NTACLs are preserved during the copy. 


I haven't touched them since at least 6 to 9 months so maintenance might 
be needed.


Matthieu.

On 08/25/2012 10:24 PM, Alain Foucher wrote:

Hello Matthieu,

Thanks for your answer

we'll write the scripts

regards

Alain


----- Original Message ----- From: "Matthieu Patou" <m...@samba.org>
To: <samba@lists.samba.org>
Sent: Sunday, August 26, 2012 4:11 PM
Subject: Re: [Samba] Sysvol Replication in Samba4



On 08/24/2012 07:21 PM, Fouchers's Family wrote:

Hi,


We installed a samba4 AD controller using Gpo for a small group of 
users (5 users), everything is OK.

(Samba4 beta 7 on Ubuntu 12.04)


We installed another Samba4 AD controller as a BDC of the first one 
with the command "samba-tool domain join" with succes.



After checking this new installation, we saw that the sysvol share 
was not replicated from the PDC and all the Policies are not present 
in the BDC.



At this stage of Samba4, is this feature  implemented ? Do we do it 
manually by shelle scripts ?



No replication is not working yet you have to use scripts to do the 
sync.


Matthieu.


--
Matthieu Patou
Samba Team
http://samba.org

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba



__________ Information provenant d'ESET NOD32 Antivirus, version de 
la base des signatures de virus 7417 (20120825) __________


Le message a été vérifié par ESET NOD32 Antivirus.

http://www.eset.com








--
Matthieu Patou
Samba Team
http://samba.org


#!/bin/bash
#
# Copyright (C) Matthieu Patou <m...@matws.net> 2011-2012
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

export KRB5CCNAME=/tmp/sync.$$
. /usr/local/etc/ecv/list_dcs

contacteddc=0
me=`hostname -s`
domain=`hostname -d`
PROVISIONDIR=/usr/local/domain/$domain/
STAGING=$PROVISIONDIR/staging
SYSVOL=$PROVISIONDIR/sysvol

# Add some randomness 
sleep $(( $RANDOM % 50 ))
rm -rf $STAGING/*
kinit -k -t /etc/krb5.keytab  `hostname -s | tr "[:lower:]" "[:upper:]"`\$
date +%s >$SYSVOL/.flag
for dc in $LIST_DC; do
        if [ $dc == $me ]; then
                continue
        fi

        # can we ping this dc ?
        ping -c 2 $dc >/dev/null 2>&1
        if [ $? -ne 0 ]; then
                continue
        fi

        [ ! -f $STAGING/.lastts.$dc ]&& touch $STAGING/.lastts.$dc
                dc_account_name=`echo $me | tr "[:lower:]" "[:upper:]"`
                rsync  -X -u -a  $dc_account_name\$@${dc}.${domain}:$SYSVOL 
$STAGING

        [ $? -ne 0 ]&& continue
        contacteddc=$(($contacteddc + 1))

        if [ -f $STAGING/sysvol/.flag ]; then
                # A sync is running on another dc ...
                now=`date +%s`
                ts=`cat $SYSVOL/.flag`
                delta=$(( $now - $ts ))
                if [ $delta -gt 300 ]; then
                        echo -ne "A sync is already running on $dc for more 
than 5 minutes, you should "
                        echo "check and if needed remove the following file: 
$SYSVOL/.flag"
                else
                        sleep $(( $RANDOM % 50 + 20))
                        rm -rf $STAGING/*
                        rsync  -X -u -a  
$dc_account_name\$@${dc}.${domain}:$SYSVOL $STAGING
                        if [ -f $STAGING/sysvol/.flag ]; then
                                #echo "Sync is running"
                                rm -f $KRB5CCNAME
                                [ -f $SYSVOL/.flag ]&& rm $SYSVOL/.flag
                                exit 0
                        fi
                fi
        fi
done

if [ $contacteddc -eq 0 ]; then
        if [ -f $STAGING/sysvol/.flag ]; then
                rm $STATING/sysvol/.flag
                exit 0
        fi
fi
csync $STAGING $SYSVOL
cd $STAGING
find . >/tmp/listfiles.$$
cd /

while read l; do
        nb=`getfattr -d -m "" "$SYSVOL/$l" 2>/dev/null |wc -l`
        nb2=`getfattr -d -m "" "$STAGING/sysvol/$l" 2>/dev/null |wc -l`
        if [ ! -L "$STAGING/sysvol/$l" -a $nb -eq 0 -a $nb2 -ne 0 ]; then
                echo "setting acls on $l"
                getfattr -d -m "" "$STAGING/sysvol/$l" 2>/dev/null | sed 
's@staging/@@' |setfattr --restore=- 2>/dev/null
        fi
done </tmp/listfiles.$$

rm /tmp/listfiles.$$

rm -f $KRB5CCNAME
[ -f $SYSVOL/.flag ]&& rm $SYSVOL/.flag

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba





















					Reply via email to