sysvol_sync_domain

Differences

This shows you the differences between two versions of the page.

sysvol_sync_domain [2022/10/12 17:24] – created adminsysvol_sync_domain [2022/10/12 18:43] (current) admin
Line 4: Line 4:
  
 On your Domain Controller On your Domain Controller
 +
 +Install the Rsync application
 +
 +  apt install rsync 
 +  apt install xinetd
 +
 +Make sure that your RSYN_ENABLE is set to RSYNC_ENABLE=inetd in /etc/default/rsync
 +
 +If you start your rsync-server through xinetd, you can use the following configuration file (/etc/xinetd.d/rsync):
  
    service rsync    service rsync
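Review bot: The variable name is misspelled as RSYN_ENABLE in the added sentence about /etc/default/rsync; it should read RSYNC_ENABLE, matching the value RSYNC_ENABLE=inetd given in the same sentence. The next added sentence begins "If you start your rsync-server through xinetd", which reads as optional even though the added steps install xinetd and set inetd mode; word it as a required step. The two apt install lines can be combined into one command.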
Line 16: Line 25:
       log_on_failure += USERID        log_on_failure += USERID 
    }    }
 +
 +Create the file /etc/rsyncd.conf (adapt the path variable to your PDC Emulators SysVol path):
 +
 +   [SysVol]
 +   path = /var/lib/samba/sysvol/
 +   comment = Samba Sysvol Share
 +   uid = root
 +   gid = root
 +   read only = yes
 +   auth users = sysvol-replication
 +   secrets file = /root/.rsyncd.secret
 +
 +Create a file /root/.rsyncd.secret (permissions must not be world-readable!) with the following content (adapt the password!):
 +
 +   sysvol-replication:pa$$w0rd
 +
 +Restart xinetd.
 +
 +   service xinetd restart
 +
 +**Now setup this on your backup domain controllers:**
 +
 +Make sure, that you have identical IDs of built-in groups on all DCs. Install rsync by using your package manager or compile from source. Make sure, that you use a version that supports extended ACLs!
 +Create a password file /root/.rsync-sysvol.secret and fill it with the password you set on the PDC Emulator for the sysvol-replication rsync account (permissions of that file must not be world-readable!):
 +
 +   pa$$w0rd
 +
 +Make the file chmod 700 readable! 
 +
 +For replicating the SysVol folder, run the following command (--dry-run means that no modifications are actually made):
 +
 +   rsync --dry-run -XAavz --delete-after --password-file=/root/.rsync-sysvol.secret rsync://sysvol-replication@$yourdomaincontrollerip$/sysvol/ /var/lib/samba/sysvol/
 +
 +If everything goes well you can schedule a cron job on your BDC:
 +
 +   crontab -e
 +
 +and put the following in the file without the quotes:
 +
 +  "*/5 * * * *          rsync -XAavz --delete-after --password-file=/root/.rsync-sysvol.secret rsync://sysvol-replication@$yourdomaincontrollerip$/sysvol/ /var/lib/samba/sysvol/"
  
  
 +Repeat these steps on every BDC (except your PDC Emulator!).
  
  
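Review bot: "Make the file chmod 700 readable!" after the BDC password file is ambiguous and sets the execute bit on a secrets file; give the exact command instead, for example chmod 600 /root/.rsync-sysvol.secret, and add the same explicit step for /root/.rsyncd.secret on the PDC Emulator, where the text only says the file must not be world-readable. The module is declared as [SysVol] in /etc/rsyncd.conf but both rsync commands request /sysvol/; use the same spelling in the config and in the URLs. The cron entry is wrapped in quotes with an instruction to drop them; show it unquoted so it can be copied as is. The sample secret pa$$w0rd appears in both secret files and is easy to paste unchanged; an obvious placeholder would make the "adapt the password" step harder to skip.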
sysvol_sync_domain.1665588286.txt.gz · Last modified: 2022/10/12 17:24 by admin