Production environment: 4 DCs (windows server 2003) and near 150 workstations.
Intention: migration to Samba4
First, I've added 5th DC (CentOS 6.5, Samba 4.1.11-9.el6.x86_64 from SerNet repository). It works, albeit with some flaws.
Main concern: sysvol replication.
I've googled already and discovered that this feature is not implemented yet.
What I did:
- Mounted PDC share and manually copied sysvol contents;
- Executed
samba-tool ntacl sysvolreset.
And got:
open: error=2 (No such file or directory)
ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined error')
File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib64/python2.6/site-packages/samba/netcmd/ntacl.py", line 218, in run
lp, use_ntvfs=use_ntvfs)
File "/usr/lib64/python2.6/site-packages/samba/provision/__init__.py", line 1612, in setsysvolacl
set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, use_ntvfs, passdb=s4_passdb)
File "/usr/lib64/python2.6/site-packages/samba/provision/__init__.py", line 1517, in set_gpos_acl
passdb=passdb)
File "/usr/lib64/python2.6/site-packages/samba/provision/__init__.py", line 1480, in set_dir_acl
setntacl(lp, path, acl, domsid, use_ntvfs=use_ntvfs, skip_invalid_chown=True, passdb=passdb, service=service)
File "/usr/lib64/python2.6/site-packages/samba/ntacls.py", line 154, in setntacl
smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service)
There are few similar situations described and resolved but the cause is surely different.
I'm not a programmer and (with due respect to programmers and their work) I can't grovel successfully through thousands of python lines to find out what's going wrong.
Found at least one solution based on rsync, but I need to replicate native windows AD, so this solution is not suitable for me.
Any suggestions?
