Isn't there really any way to synchronize ACL ID's on these machines?
By my understanding these id's are pulled from internal LDAP database,
if this is correct why sysvolreset creates different id's on two
different machines that replicate the same database?
Thanks in advance!
-------- Original Message --------
Subject: Sysvol replication problem
Date: Thu, 29 Aug 2013 15:33:12 +0200
From: Antun Horvat <antun.horvat at radio101.hr>
To: samba at lists.samba.org
Hello fellow Samba users,
I have a question that is related to sysvol replication. I have for now
two Samba DC's that are functioning as DNS and Active Directory roles in
my network.
As samba for now does not support sysvol replication, I am replicating
sysvol shares via rsync with -XAavz attributes as suggested in samba wiki.
The issue is that getfacl on these two servers return different user ids
and when I replicate these folders
with rsync, the secondary DC is using wrong IDs, and at the end, I can't
access sysvol folder on second dc (via share).
On FSMO master "getfacl radio101.local" returns:
# file: radio101.local
# owner: root
# group: 3000000
# flags: -s-
user::rwx
user:root:rwx
group::rwx
group:3000000:rwx
group:3000009:r-x
group:3000033:r-x
group:3000034:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::---
default:group:3000000:rwx
default:group:3000009:r-x
default:group:3000033:r-x
default:group:3000034:rwx
default:mask::rwx
default:other::---
while on secondary we have (after "ntacl sysvolreset"):
# file: radio101.local/
# owner: root
# group: 3000000
# flags: -s-
user::rwx
user:root:rwx
group::rwx
group:3000000:rwx
group:3000012:r-x
group:3000032:r-x
group:3000033:rwx
mask::rwx
other::---
default:user::rwx
default:user:root:rwx
default:group::---
default:group:3000000:rwx
default:group:3000012:r-x
default:group:3000032:r-x
default:group:3000033:rwx
default:mask::rwx
default:other::---
What should I do next,
Thanks for your help.