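Previously, the biggest problem between the WIN DC and the Zentyal 4.0 DC was replication.
I found a Samba article that says .... use robocopy ....
I looked at robocopy and found it hard to use ...
Looking for a copy tool ... everyone says FreeFileSync, which can do two-way sync, is the best one
So here are my notes ...
Found it via Google, downloaded the file to Windows ... installed it as portable software, install directory C:\FreeFileSync
Write C:\FreeFileSync\SyncSettings.ffs_bash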
<?xml version="1.0" encoding="UTF-8"?>
<FreeFileSync XmlFormat="6" XmlType="BATCH">
<MainConfig>
<Comparison>
<Variant>TimeAndSize</Variant>
<Symlinks>Exclude</Symlinks>
<IgnoreTimeShift/>
</Comparison>
<SyncConfig>
<Variant>TwoWay</Variant>
<CustomDirections>
<LeftOnly>right</LeftOnly>
<RightOnly>left</RightOnly>
<LeftNewer>right</LeftNewer>
<RightNewer>left</RightNewer>
<Different>none</Different>
<Conflict>none</Conflict>
</CustomDirections>
<DetectMovedFiles>false</DetectMovedFiles>
<DeletionPolicy>RecycleBin</DeletionPolicy>
<VersioningFolder Style="Replace"/>
</SyncConfig>
<GlobalFilter>
<Include>
<Item>*</Item>
</Include>
<Exclude>
<Item>\System Volume Information\</Item>
<Item>\$Recycle.Bin\</Item>
<Item>\RECYCLER\</Item>
<Item>\RECYCLED\</Item>
<Item>*\desktop.ini</Item>
<Item>*\thumbs.db</Item>
</Exclude>
<TimeSpan Type="None">0</TimeSpan>
<SizeMin Unit="None">0</SizeMin>
<SizeMax Unit="None">0</SizeMax>
</GlobalFilter>
<FolderPairs>
<Pair>
<Left>\\192.168.0.62\sysvol\TW2.AD</Left>
<Right>\\192.168.0.63\sysvol\TW2.AD</Right>
</Pair>
</FolderPairs>
<OnCompletion/>
</MainConfig>
<BatchConfig>
<HandleError>Ignore</HandleError>
<RunMinimized>true</RunMinimized>
<LogfileFolder Limit="0"/>
</BatchConfig>
</FreeFileSync>
Create the scheduled task directly .......
Program: C:\FreeFileSync\FreeFileSync.exe
Arguments: C:\FreeFileSync\SyncSettings.ffs_bash
Start in: C:\FreeFileSync
I usually write a vbs to add logging
Write C:\FreeFileSync\sync.bat
"C:\FreeFileSync\FreeFileSync.exe" "C:\FreeFileSync\SyncSettings.ffs_bash"
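Write C:\FreeFileSync\sync.vbs
' FileSystemObject IOMode: 8 = ForAppending (2 is ForWriting and would overwrite the log on every run)
Const ForAppending = 8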
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objTextFile = objFSO.OpenTextFile("C:\FreeFileSync\sync.log", ForAppending, True)
objTextFile.WriteLine (Now)
objTextFile.Close
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.currentdirectory="C:\FreeFileSync"
WshShell.Run "C:\FreeFileSync\sync.bat", 0
Set WshShell = Nothing
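Create the scheduled task "SysVol Replication"
Trigger every five minutes .... the shortest interval that can be set is 1 minute
Run in the background .... clicking OK will prompt you for the password ....
On Zentyal, disable SysvolSync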
mv /usr/share/perl5/EBox/Samba/SysvolSync.pm /usr/share/perl5/EBox/Samba/SysvolSync.pm.org
touch /usr/share/perl5/EBox/Samba/SysvolSync.pm
Modify the AD migration script and comment out SysvolSync
cp ad-migrate ad-migrate.org
vi /usr/share/zentyal-samba/ad-migrate
#use EBox::Samba::SysvolSync;
......
......
##
## Transfer sysvol share
##
#print "\nSynchronizing sysvol share...\n";
#my $synchronizer = new EBox::Samba::SysvolSync();
#my $syncRet = $synchronizer->sync();
#if ($syncRet) {
# print "ERROR: The sysvol share could not be synchronized. Check Zentyal log for details.\n";
# exit 1;
#}
-------------------------------------------------------
Test it ... put a file under \\192.168.0.62\sysvol\TW2.AD\scripts\ (192.168.0.62 is the Windows machine)
Take a break ..... wait five minutes or more ... then look on Linux (192.168.0.63)
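To check the result of this test without eyeballing both shares, the following added example (not from the original post) hashes every file in two copies of the sysvol tree and lists what differs; because it compares SHA-256 digests it also catches content differences that a time-and-size comparison cannot see. It assumes both copies are reachable as local paths (for instance the Samba sysvol directory and a mounted copy of the Windows share); the function names and the temporary sample trees are made up for illustration.

```python
import hashlib
import os
import tempfile

# Same per-file exclusions as the <Exclude> items in the FreeFileSync config.
IGNORED_NAMES = {"desktop.ini", "thumbs.db"}

def manifest(root):
    """Map each file path (relative to root, '/'-separated) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() in IGNORED_NAMES:
                continue
            full = os.path.join(dirpath, name)
            sha = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    sha.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digests[rel] = sha.hexdigest()
    return digests

def sysvol_drift(left_root, right_root):
    """Compare two copies of the tree; every list is empty when they are in sync."""
    left, right = manifest(left_root), manifest(right_root)
    return {
        "left_only": sorted(set(left) - set(right)),
        "right_only": sorted(set(right) - set(left)),
        "different": sorted(p for p in set(left) & set(right) if left[p] != right[p]),
    }

def write_file(root, rel, data):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Constructed sample: two temporary trees stand in for the two sysvol copies."""
    with tempfile.TemporaryDirectory() as win, tempfile.TemporaryDirectory() as lin:
        write_file(win, "scripts/logon.bat", b"echo A\r\n")
        write_file(lin, "scripts/logon.bat", b"echo B\r\n")   # same size, other content
        write_file(win, "scripts/new.txt", b"not copied yet")
        write_file(win, "scripts/desktop.ini", b"[.ShellClassInfo]\r\n")
        return sysvol_drift(win, lin)

if __name__ == "__main__":
    print(demo())
```

On the real servers, call sysvol_drift() with the two sysvol paths after the scheduled task has had time to run.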
Check the replication status
root@linux-ad1:~# samba-tool drs showrepl
params.c:pm_process() - Processing configuration file "/etc/samba/shares.conf"
ldb_wrap open of secrets.ldb
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:linux-ad1.tw2.ad[,seal]
Default-First-Site-Name\LINUX-AD1
DSA Options: 0x00000001
DSA object GUID: cd1614ea-c5e0-4f27-a8de-394c382f67af
DSA invocationId: 39b316c2-52b2-42f7-bfa5-8d62d870fa6c
==== INBOUND NEIGHBORS ====
DC=ForestDnsZones,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 09:44:38 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 09:44:38 2016 CST
DC=DomainDnsZones,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 09:45:32 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 09:45:32 2016 CST
CN=Configuration,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 09:44:38 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 09:44:38 2016 CST
DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 09:49:01 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 09:49:01 2016 CST
CN=Schema,CN=Configuration,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 09:44:38 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 09:44:38 2016 CST
==== OUTBOUND NEIGHBORS ====
DC=ForestDnsZones,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 08:54:28 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 08:54:28 2016 CST
DC=DomainDnsZones,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 09:45:22 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 09:45:22 2016 CST
CN=Configuration,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 08:49:33 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 08:49:33 2016 CST
DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 08:49:33 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 08:49:33 2016 CST
CN=Schema,CN=Configuration,DC=TW2,DC=AD
Default-First-Site-Name\WIN-AD1 via RPC
DSA object GUID: df75e060-82dc-4ef7-bd95-cbed73d7ef84
Last attempt @ Fri Nov 18 08:49:33 2016 CST was successful
0 consecutive failure(s).
Last success @ Fri Nov 18 08:49:33 2016 CST
==== KCC CONNECTION OBJECTS ====
Connection --
Connection name: f1ef6c91-2f2d-4901-b2a2-9387bc5bbe4c
Enabled : TRUE
Server DNS name : WIN-AD1.TW2.AD
Server DN name : CN=NTDS Settings,CN=WIN-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
TransportType: RPC
options: 0x00000001
Warning: No NC replicated for Connection!
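Reading this output by eye gets tedious once it runs every few minutes, so here is an added example (not part of the original post) that parses `samba-tool drs showrepl` text and returns only the neighbors whose last attempt did not succeed or that count failures. The function names are made up for illustration, and the failing entry in the sample is constructed.

```python
import re

SECTION = re.compile(r"^==== (.+) ====$")
NEIGHBOR = re.compile(r"^(.+) via (\w+)$")
FAILURES = re.compile(r"^(\d+) consecutive failure\(s\)\.$")

def parse_showrepl(text):
    """One record per naming context and neighbor in `samba-tool drs showrepl` output."""
    records, section, prev, cur = [], None, None, None
    for raw in text.splitlines():
        line = raw.strip()  # real output is tab-indented, the copy on this page is flat
        if not line:
            continue
        sec, nb, fails = SECTION.match(line), NEIGHBOR.match(line), FAILURES.match(line)
        if sec:
            section, cur = sec.group(1), None
        elif nb and section in ("INBOUND NEIGHBORS", "OUTBOUND NEIGHBORS"):
            # The naming context is the non-empty line just before "<site>\<DC> via RPC".
            cur = {"section": section, "nc": prev, "neighbor": nb.group(1),
                   "ok": None, "failures": None}
            records.append(cur)
        elif cur is not None and line.startswith("Last attempt @ "):
            cur["ok"] = line.endswith("was successful")
        elif cur is not None and fails:
            cur["failures"] = int(fails.group(1))
        prev = line
    return records

def unhealthy(records):
    """Records whose last attempt did not succeed or that count failures."""
    return [r for r in records if r["ok"] is not True or r["failures"]]

# Constructed sample: first entry follows the output above, second (failing) is made up.
SAMPLE = """\
==== INBOUND NEIGHBORS ====
DC=TW2,DC=AD
\tDefault-First-Site-Name\\WIN-AD1 via RPC
\t\tLast attempt @ Fri Nov 18 09:49:01 2016 CST was successful
\t\t0 consecutive failure(s).

CN=Configuration,DC=TW2,DC=AD
\tDefault-First-Site-Name\\WIN-AD1 via RPC
\t\tLast attempt @ Fri Nov 18 09:50:00 2016 CST failed, result 2 (WERR_BADFILE)
\t\t3 consecutive failure(s).
"""

if __name__ == "__main__":
    for r in unhealthy(parse_showrepl(SAMPLE)):
        print(r["section"], r["nc"], r["neighbor"], r["failures"])
```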
Watch the log .... tail -f /var/log/zentyal/zentyal.log
There should be no sync messages
.......................................................
It just so happens that the five AD FSMO roles need to be transferred ..... a chance to test ad-migrate
root@linux-ad1:/usr/share/zentyal-samba# ./ad-migrate
WARNING: This script will transfer all FSMO roles from the current owners to
the local server.
After all roles has been successfully transferred, you can shutdown
the other domain controllers.
Do you want to continue [Y/n]? Y
Checking server mode...
Checking if server is provisioned...
Transferring FSMO roles...
Transferring Schema Master role from owner: CN=NTDS Settings,CN=WIN-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
Transferring Domain Naming Master role from owner: CN=NTDS Settings,CN=WIN-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
Transferring PDC Emulation Master role from owner: CN=NTDS Settings,CN=WIN-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
Transferring RID Allocation Master role from owner: CN=NTDS Settings,CN=WIN-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
Transferring Infrastructure Master role from owner: CN=NTDS Settings,CN=WIN-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
Migrated successfully!
Check the transfer result ....
root@linux-ad1:/usr/share/zentyal-samba# samba-tool fsmo show
params.c:pm_process() - Processing configuration file "/etc/samba/shares.conf"
ldb_wrap open of secrets.ldb
InfrastructureMasterRole owner: CN=NTDS Settings,CN=LINUX-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
RidAllocationMasterRole owner: CN=NTDS Settings,CN=LINUX-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
PdcEmulationMasterRole owner: CN=NTDS Settings,CN=LINUX-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
DomainNamingMasterRole owner: CN=NTDS Settings,CN=LINUX-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
SchemaMasterRole owner: CN=NTDS Settings,CN=LINUX-AD1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TW2,DC=AD
root@linux-ad1:/usr/share/zentyal-samba#