19.4 Sysvol

The System Volume (Sysvol) is a shared directory that stores the server copy of the domain's public files that must be shared for common access and replication throughout a domain. The Sysvol corresponds to the /var/opt/novell/xad/sysvol/sysvol directory on the domain controller. The Group Policy Template of the default domain policy GPO is stored in the /var/opt/novell/xad/sysvol/sysvol/<domain name>/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}directory.

A Group Policy Template contains the following information:

  • Template-based administrative policies

  • Security settings

  • Script files

  • Information for the applications that are available for Group Policy software installation.

The SYSVOL volume of a domain is now stored on each domain controller of the domain. This enhancement resolves the performance and scalability limitations arising from the initial design of having the SYSVOL volume only on the first domain controller.

Following are the benefits of having the SYSVOL volume on every domain controller:

  • Reduces the load on each domain controller as now during user login or workstation bootup, policies can be read from any domain controller as each domain controller holds a copy of SYSVOL.

  • Provides fault tolerance in form of backup domain controllers providing seamless transition from the first domain controller, in event of failure.

The synchronization of data between the domain controllers is handled by sysvolsync utility. During the DSfW installation a crontab entry is added for sysvolsync that synchronizes the changes on the domain controller playing the role of a PDC emulator with the other domain controllers in the domain. The synchronization by default happens every half an hour.For more details on the sysvolsync utility see, Section 19.4.1, sysvolsync Utility

19.4.1 sysvolsync Utility

The sysvolsync utility is introduced to provide synchronization of sysvol and the underlying policies between the domain controllers of a domain. This utility when invoked finds the domain controllers for the domain and initiates the synchronization process with them, contacting one domain controller at a time. During the synchronization only the changes are transferred and not the entire data. This helps in faster synchronization between the domain controllers. All the POSIX file permissions and ACLs are retained during transfer.

For intermediate synchronization, you can invoke the utility using the following command:

/opt/novell/xad/sbin/sysvolsync

During the synchronization the changes are transferred from the first domain controller(holding the PDC Emulator role) to the other domain controllers.

The details of synchronization events are captured in /var/opt/novell/xad/log/sysvolsync.log file.