Daniel Müller
2014-Feb-19 07:19 UTC
[Samba] Samba4: Strange Behaveiour On Home share with 2 DC replicating /vfs glusterfs
There is a strange behaviour having two DCs joined in one Domain concerning the [home] share. The [home] is fixed on a replicating gluster volume on both DC. Now creating the users directory with ADUC ex.: \\s4master\home\%username% would do the necessary and the directory is created on both dcs. On the first DC all working fine without any issue but on the second the user cannot login their home shares pointing to ex: \\s4slave\home\testneu The reason is a different UID!? EX.: on the first DC 3000030 on the second 3000023!? How can I fix this? Greetings Daniel On DC1: [home] comment=home s4master verzeichnis auf gluster node1 vfs objects= recycle, glusterfs recycle:repository= /%P/%U/.Papierkorb glusterfs:volume= sambacluster glusterfs:volfile_server = 172.17.1.1 recycle:exclude = *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$* recycle:keeptree = Yes recycle:exclude_dir = .Papierkorb,tmp,temp,profile,.profile recycle:touch_mtime = yes recycle:versions = Yes msdfs root=yes path=/ads/home read only=no posix locking =NO kernel share modes = No [root at s4master home]# getfacl testneu # file: testneu # owner: root # group: users user::rwx user:root:rwx user:3000000:rwx user:TPLK\134testneu:rwx group::--- group:users:--- group:3000000:rwx group:3000030:rwx mask::rwx other::--- default:user::rwx default:user:root:rwx default:user:3000000:rwx default:user:TPLK\134testneu:rwx default:group::--- default:group:users:--- default:group:3000000:rwx default:group:3000030:rwx default:mask::rwx default:other::--- [root at s4master home]# id testneu uid=3000030(TPLK\testneu) gid=100(users) Gruppen=100(users) On DC2: [home] comment=home s4slave verzeichnis auf gluster node2 vfs objects= recycle, glusterfs recycle:repository= /%P/%U/.Papierkorb glusterfs:volume= sambacluster glusterfs:volfile_server = 172.17.1.2 recycle:exclude = *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$* recycle:keeptree = Yes recycle:exclude_dir = .Papierkorb,tmp,temp,profile,.profile recycle:touch_mtime = yes recycle:versions = Yes msdfs root=yes path=/ads/home read only=no posix locking =NO kernel share modes = No [root at s4slave home]# getfacl testneu # file: testneu # owner: root # group: users user::rwx user:root:rwx user:3000000:rwx user:3000030:rwx group::--- group:users:--- group:3000000:rwx group:3000030:rwx mask::rwx other::--- default:user::rwx default:user:root:rwx default:user:3000000:rwx default:user:3000030:rwx default:group::--- default:group:users:--- default:group:3000000:rwx default:group:3000030:rwx default:mask::rwx default:other::--- [root at s4slave home]# id testneu uid=3000023(TPLK\testneu) gid=100(users) Gruppen=100(users) <---should be the same as DC1!? EDV Daniel M?ller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 T?bingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: mueller at tropenklinik.de Internet: www.tropenklinik.de "Der Mensch ist die Medizin des Menschen"
Rowland Penny
2014-Feb-19 09:39 UTC
[Samba] Samba4: Strange Behaveiour On Home share with 2 DC replicating /vfs glusterfs
On 19/02/14 07:19, Daniel M?ller wrote:> There is a strange behaviour having two DCs joined in one Domain concerning > the [home] share. > The [home] is fixed on a replicating gluster volume on both DC. > Now creating the users directory with ADUC ex.: \\s4master\home\%username% > would do the necessary and the directory is created on both dcs. On the > first DC all working fine > without any issue but on the second the user cannot login their home shares > pointing to ex: \\s4slave\home\testneu > The reason is a different UID!? EX.: on the first DC 3000030 on the second > 3000023!? > How can I fix this? > > Greetings Daniel > > > > > > > > > On DC1: > > > [home] > comment=home s4master verzeichnis auf gluster node1 > vfs objects= recycle, glusterfs > recycle:repository= /%P/%U/.Papierkorb > glusterfs:volume= sambacluster > glusterfs:volfile_server = 172.17.1.1 > recycle:exclude = *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$* > recycle:keeptree = Yes > recycle:exclude_dir = .Papierkorb,tmp,temp,profile,.profile > recycle:touch_mtime = yes > recycle:versions = Yes > msdfs root=yes > path=/ads/home > read only=no > posix locking =NO > kernel share modes = No > > > > > [root at s4master home]# getfacl testneu > # file: testneu > # owner: root > # group: users > user::rwx > user:root:rwx > user:3000000:rwx > user:TPLK\134testneu:rwx > group::--- > group:users:--- > group:3000000:rwx > group:3000030:rwx > mask::rwx > other::--- > default:user::rwx > default:user:root:rwx > default:user:3000000:rwx > default:user:TPLK\134testneu:rwx > default:group::--- > default:group:users:--- > default:group:3000000:rwx > default:group:3000030:rwx > default:mask::rwx > default:other::--- > > [root at s4master home]# id testneu > uid=3000030(TPLK\testneu) gid=100(users) Gruppen=100(users) > > On DC2: > [home] > comment=home s4slave verzeichnis auf gluster node2 > vfs objects= recycle, glusterfs > recycle:repository= /%P/%U/.Papierkorb > glusterfs:volume= sambacluster > glusterfs:volfile_server = 172.17.1.2 > recycle:exclude = *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$* > recycle:keeptree = Yes > recycle:exclude_dir = .Papierkorb,tmp,temp,profile,.profile > recycle:touch_mtime = yes > recycle:versions = Yes > msdfs root=yes > path=/ads/home > read only=no > posix locking =NO > kernel share modes = No > > [root at s4slave home]# getfacl testneu > # file: testneu > # owner: root > # group: users > user::rwx > user:root:rwx > user:3000000:rwx > user:3000030:rwx > group::--- > group:users:--- > group:3000000:rwx > group:3000030:rwx > mask::rwx > other::--- > default:user::rwx > default:user:root:rwx > default:user:3000000:rwx > default:user:3000030:rwx > default:group::--- > default:group:users:--- > default:group:3000000:rwx > default:group:3000030:rwx > default:mask::rwx > default:other::--- > > [root at s4slave home]# id testneu > uid=3000023(TPLK\testneu) gid=100(users) Gruppen=100(users) <---should be > the same as DC1!? > > > > EDV Daniel M?ller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 T?bingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: mueller at tropenklinik.de > Internet: www.tropenklinik.de > "Der Mensch ist die Medizin des Menschen" > > > > >Fairly easily, give your users uidNumber's & gidNumber's Rowland
Andrew Bartlett
2014-Feb-21 07:54 UTC
[Samba] Samba4: Strange Behaveiour On Home share with 2 DC replicating /vfs glusterfs
On Wed, 2014-02-19 at 08:19 +0100, Daniel M?ller wrote:> There is a strange behaviour having two DCs joined in one Domain concerning > the [home] share. > The [home] is fixed on a replicating gluster volume on both DC.Don't do this. If you want to do something like this, set up a member server and run Samba with CTDB. CTDB is not compatible with being an AD DC, and so must be run on a member server node. Samba running on multiple nodes of a cluster or remote file system (including NFS) without CTDB will corrupt files, as otherwise there is no shared locking. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba