samba - Apr 2016 - SYSVOL Replication in a Windows-driven AD environment

Hi everyone,

So, I am working with an AD environment where there is one 2008R2 DC (which
holds the PDC emulator FSMO role) and one Samba DC running on Ubuntu 14.04
(Samba Version 4.1.6-Ubuntu). I have been trying to set up the rsync
workaround for SYSVOL replication, but I've been unable to get it working
properly due to the inability to compile rsync with xattr support under
Windows. My question is, are there any other workarounds available? Or does
anyone know of an rsync binary for Windows that has proper ACL and xattr
support?

As an aside, if I can't get this to work properly, what is my best course
of action? Is there a good way to ensure that my Samba DC isn't serving
outdated versions of the SYSVOL share?

Thanks,
Isaiah

On Mon, 11 Apr 2016, Isaiah Olson wrote:
> So, I am working with an AD environment where there is one 2008R2 DC (which
> holds the PDC emulator FSMO role) and one Samba DC running on Ubuntu 14.04
> (Samba Version 4.1.6-Ubuntu). I have been trying to set up the rsync
> workaround for SYSVOL replication, but I've been unable to get it
working
> properly due to the inability to compile rsync with xattr support under
> Windows. My question is, are there any other workarounds available? Or does
> anyone know of an rsync binary for Windows that has proper ACL and xattr
> support?
I haven't tried this, as I don't have a windows DC, but I suspect you 
could use rsync from windows (without xattrs), then do a samba-tool ntacl 
sysvolreset on the linux DC(s) to reset the file permissions (might want 
to initiate the rsync from linux so you can do the sysvolreset immediately 
after).

What you can try. 

Map the sysvol share from the samba to a driveletter on the DC. 

Add :  acl_xattr:ignore system acls = yes
Too the sysvol share on samba. 

Use deltacopy to copy the sysvol 

I havent tried it, but above seams logical and can work, you just have to try it
yourself.

If deltacopy does not work, try cwRsync or robocopy. 

Deltacopy
http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp 

cwrsync
https://www.itefix.net/cwrsync 

Greetz, 

Louis

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Sketch
> Verzonden: maandag 11 april 2016 15:42
> Aan: Isaiah Olson
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] SYSVOL Replication in a Windows-driven AD
> environment
> 
> On Mon, 11 Apr 2016, Isaiah Olson wrote:
> 
> > So, I am working with an AD environment where there is one 2008R2 DC
> (which
> > holds the PDC emulator FSMO role) and one Samba DC running on Ubuntu
> 14.04
> > (Samba Version 4.1.6-Ubuntu). I have been trying to set up the rsync
> > workaround for SYSVOL replication, but I've been unable to get it
> working
> > properly due to the inability to compile rsync with xattr support
under
> > Windows. My question is, are there any other workarounds available? Or
> does
> > anyone know of an rsync binary for Windows that has proper ACL and
xattr
> > support?
> 
> I haven't tried this, as I don't have a windows DC, but I suspect
you
> could use rsync from windows (without xattrs), then do a samba-tool ntacl
> sysvolreset on the linux DC(s) to reset the file permissions (might want
> to initiate the rsync from linux so you can do the sysvolreset immediately
> after).
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

On Mon, 11 Apr 2016, L.P.H. van Belle wrote:
> Map the sysvol share from the samba to a driveletter on the DC.
>
> Use deltacopy to copy the sysvol
>
> If deltacopy does not work, try cwRsync or robocopy.
That's a good idea as well.  BTW, you can skip the drive mapping if you 
use robocopy, as it can copy files to a UNC path.  I think this is 
generally simpler for stuff you want to run from task scheduler without a 
logged in user.

Hello Isaiah,

Am 11.04.2016 um 12:34 schrieb Isaiah Olson:
> So, I am working with an AD environment where there is one 2008R2 DC (which
> holds the PDC emulator FSMO role) and one Samba DC running on Ubuntu 14.04
> (Samba Version 4.1.6-Ubuntu). I have been trying to set up the rsync
> workaround for SYSVOL replication, but I've been unable to get it
working
> properly due to the inability to compile rsync with xattr support under
> Windows. My question is, are there any other workarounds available? Or does
> anyone know of an rsync binary for Windows that has proper ACL and xattr
> support?
You can use robocopy from MS for that. In my test environment I had a
working setup with unidirectional replication from the Samba SysVol
share. The documentation about that is almost half finished, but then I
had no time and forgot it.

Maybe I find some time to finish and verify. Then you will find it in
the Wiki soon.


Regards,
Marc