Hello alain,
Please find attached a script that used to have and that used to work
quite decently.
It might need rework still it's based on rsync + csync so that posix
rights and NTACLs are preserved during the copy.
I haven't touched them since at least 6 to 9 months so maintenance might
be needed.
Matthieu.
On 08/25/2012 10:24 PM, Alain Foucher wrote:> Hello Matthieu,
>
> Thanks for your answer
>
> we'll write the scripts
>
> regards
>
> Alain
>
>
> ----- Original Message ----- From: "Matthieu Patou" <mat at
samba.org>
> To: <samba at lists.samba.org>
> Sent: Sunday, August 26, 2012 4:11 PM
> Subject: Re: [Samba] Sysvol Replication in Samba4
>
>
>> On 08/24/2012 07:21 PM, Fouchers's Family wrote:
>>> Hi,
>>>
>>> We installed a samba4 AD controller using Gpo for a small group of
>>> users (5 users), everything is OK.
>>> (Samba4 beta 7 on Ubuntu 12.04)
>>>
>>> We installed another Samba4 AD controller as a BDC of the first one
>>> with the command "samba-tool domain join" with succes.
>>>
>>> After checking this new installation, we saw that the sysvol share
>>> was not replicated from the PDC and all the Policies are not
present
>>> in the BDC.
>>>
>>> At this stage of Samba4, is this feature implemented ? Do we do it
>>> manually by shelle scripts ?
>>>
>> No replication is not working yet you have to use scripts to do the
>> sync.
>>
>> Matthieu.
>>
>>
>> --
>> Matthieu Patou
>> Samba Team
>> http://samba.org
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>> __________ Information provenant d'ESET NOD32 Antivirus, version de
>> la base des signatures de virus 7417 (20120825) __________
>>
>> Le message a ?t? v?rifi? par ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>>
>>
>
--
Matthieu Patou
Samba Team
http://samba.org
-------------- next part --------------
#!/bin/bash
#
# Copyright (C) Matthieu Patou <mat at matws.net> 2011-2012
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
export KRB5CCNAME=/tmp/sync.$$
. /usr/local/etc/ecv/list_dcs
contacteddc=0
me=`hostname -s`
domain=`hostname -d`
PROVISIONDIR=/usr/local/domain/$domain/
STAGING=$PROVISIONDIR/staging
SYSVOL=$PROVISIONDIR/sysvol
# Add some randomness
sleep $(( $RANDOM % 50 ))
rm -rf $STAGING/*
kinit -k -t /etc/krb5.keytab `hostname -s | tr "[:lower:]"
"[:upper:]"`\$
date +%s >$SYSVOL/.flag
for dc in $LIST_DC; do
if [ $dc == $me ]; then
continue
fi
# can we ping this dc ?
ping -c 2 $dc >/dev/null 2>&1
if [ $? -ne 0 ]; then
continue
fi
[ ! -f $STAGING/.lastts.$dc ]&& touch $STAGING/.lastts.$dc
dc_account_name=`echo $me | tr "[:lower:]" "[:upper:]"`
rsync -X -u -a $dc_account_name\$@${dc}.${domain}:$SYSVOL $STAGING
[ $? -ne 0 ]&& continue
contacteddc=$(($contacteddc + 1))
if [ -f $STAGING/sysvol/.flag ]; then
# A sync is running on another dc ...
now=`date +%s`
ts=`cat $SYSVOL/.flag`
delta=$(( $now - $ts ))
if [ $delta -gt 300 ]; then
echo -ne "A sync is already running on $dc for more than 5 minutes, you
should "
echo "check and if needed remove the following file: $SYSVOL/.flag"
else
sleep $(( $RANDOM % 50 + 20))
rm -rf $STAGING/*
rsync -X -u -a $dc_account_name\$@${dc}.${domain}:$SYSVOL $STAGING
if [ -f $STAGING/sysvol/.flag ]; then
#echo "Sync is running"
rm -f $KRB5CCNAME
[ -f $SYSVOL/.flag ]&& rm $SYSVOL/.flag
exit 0
fi
fi
fi
done
if [ $contacteddc -eq 0 ]; then
if [ -f $STAGING/sysvol/.flag ]; then
rm $STATING/sysvol/.flag
exit 0
fi
fi
csync $STAGING $SYSVOL
cd $STAGING
find . >/tmp/listfiles.$$
cd /
while read l; do
nb=`getfattr -d -m "" "$SYSVOL/$l" 2>/dev/null |wc -l`
nb2=`getfattr -d -m "" "$STAGING/sysvol/$l" 2>/dev/null
|wc -l`
if [ ! -L "$STAGING/sysvol/$l" -a $nb -eq 0 -a $nb2 -ne 0 ]; then
echo "setting acls on $l"
getfattr -d -m "" "$STAGING/sysvol/$l" 2>/dev/null |
sed 's at staging/@@' |setfattr --restore=- 2>/dev/null
fi
done </tmp/listfiles.$$
rm /tmp/listfiles.$$
rm -f $KRB5CCNAME
[ -f $SYSVOL/.flag ]&& rm $SYSVOL/.flag