Rowland Penny
2019-Mar-26 12:50 UTC
[Samba] Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
On Tue, 26 Mar 2019 12:33:33 +0000 Stephen via samba <samba at lists.samba.org> wrote:> Roland, Jonathon, what permissions set would you recommend for use > when syncing SysVol? > > I have only found a single tutorial > (https://www.tecmint.com/samba4-ad-dc-sysvol-replication/) that even > mentions what permissions should be used when replicating SysVol. , > and that suggests using 775 permission set during replication ie:Go on, I give in, what is wrong with the official Samba documentation ?> > rsync --dry-run -XAavz --chmod=775 --delete-after --progress > --stats /var/lib/samba/sysvol/ root at ad2:/var/lib/samba/sysvol/ > > Perhaps its just me but that seems an excessively promiscuous?And it doesn't really matter, the important permissions are dealt with by the '-XAavz' part, so to answer your question, tecmint got it wrong (not for the first time either), you do not need to add the '--chmod=775' part. Rowland
Stephen
2019-Mar-26 13:08 UTC
[Samba] Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
Go on, I give in, what is wrong with the official Samba documentation? Off the top of my head: 1) Your (ie Samba project) docs are structured a little poorly and actually pretty hard to follow - eg a single article describes setting up Samba both with SAMBA_INTERNAL and BIND which is confusing. Two separate articles, one on each topic would be better! 2) Despite being the official documentation its not free of errors, as I have just demonstrated. There were two missing essential steps in the tutorial to add a backup DC to a domain and this is a very fundamental Samba task. Its like the seconds step in setting up a basic Samba setup. 3) They lacks the clear straightforward step by step approach of TechMint with screenshots and similar? 4) In practice this means that non-experts cannot / wont be able to use Samba, even for basic tasks as I am trying to do here. People less determined than me will give up, and I am basically dependent upon this (awesome, thanks everyone) mailing list and its support. 5) You need to get one person to write the docs. Another person should then separately *verify* the instructions that are given to avoid simple mistakes. To be absolutely clear - I am trying to be constructive here and genunely offer suggestions for improvement. The last thing I want to do is insult you and the other Samba devotees and your heroic efforts here on this list Rowland. At the same time quite a few of the the questions that are asked relate to pretty basic stuff that wouldn't arise were the official docs clearer IMHO. I know you are all volunteers, time is precious, but I think a little bit more up front work on the docs would payoff in the long run and help reduce mailing list traffic significantly. Thanks Stephen Ellwood
Rowland Penny
2019-Mar-26 13:39 UTC
[Samba] Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
On Tue, 26 Mar 2019 13:08:25 +0000 Stephen via samba <samba at lists.samba.org> wrote:> Go on, I give in, what is wrong with the official Samba documentation? > > Off the top of my head: > 1) Your (ie Samba project) docs are structured a little poorly and > actually pretty hard to follow - eg a single article describes > setting up Samba both with SAMBA_INTERNAL and BIND which is > confusing. Two separate articles, one on each topic would be better!The problem is that the Samba wiki is written from the perspective of using a self-compiled version of Samba, not from the perspective of this is how you use Samba on distro X. Could you supply a link to the Samba dns page you refer to ?> > 2) Despite being the official documentation its not free of errors, > as I have just demonstrated. There were two missing essential steps > in the tutorial to add a backup DC to a domain and this is a very > fundamental Samba task. Its like the seconds step in setting up a > basic Samba setup.Whilst I cannot deny there are errors, I try to fix these errors asap, but this relies on people give us feedback, something that we do not really get.> > 3) They lacks the clear straightforward step by step approach of > TechMint with screenshots and similar?Not really a fan of screenshots, unless there is no other way of displaying information.> > 4) In practice this means that non-experts cannot / wont be able to > use Samba, even for basic tasks as I am trying to do here. People > less determined than me will give up, > and I am basically dependent upon this (awesome, thanks everyone) > mailing list and its support.Again, the wiki was written from the point of view of experts and not necessarily understandable by 'non-experts'. This needs to be fixed, but to do this, we need to know what is actually wrong.> > 5) You need to get one person to write the docs. Another person > should then separately *verify* the instructions that are given to > avoid simple mistakes.This not entirely true, one person could do this, make notes as they do something and then do it again, just following their notes.> > To be absolutely clear - I am trying to be constructive here and > genunely offer suggestions for improvement. The last thing I want to > do is insult you and the other Samba devotees and your heroic efforts > here on this list Rowland. > At the same time quite a few of the the questions that are asked > relate to pretty basic stuff that wouldn't arise were the official > docs clearer IMHO.I perfectly understand where you are coming from, I once described the wiki as 'technically brilliant, but not very useful'. One problem I see is, if the wiki is altered in the way that you sort of suggest, which distro do you use ?> > I know you are all volunteers, time is precious, but I think a little > bit more up front work on the docs would payoff in the long run and > help reduce mailing list traffic significantly. >Whilst I agree that altering the wiki will help, again it comes down to how? Rowland
Possibly Parallel Threads
- Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
- Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
- Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
- Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs
- Problem achieving manual synchronisation of idmap.ldb and the associated User and Group ID mappings between two Samba 4 AD DCs