?icro MEGAS
2014-Nov-01 20:06 UTC
[Samba] DC2 denies access when saving through the Group Policy M
> OK, make sure that the two idmap.ldb files match and then run > 'samba-tool ntacl sysvolreset' on both machines and see if this cured > this problem.I did: root at dc1:~$ service sernet-samba-ad stop root at dc2:~$ service sernet-samba-ad stop root at dc2:~$ mv /var/lib/samba/private/idmap.ldb /root/idmap.ldb.bak root at dc1:~$ scp /var/lib/samba/private/idmap.ldb dc2:/var/lib/samba/private/ then I ensured that /var/lib/samba/private/idmap.ldb is exactly the same on dc1 and dc2. then... root at dc1:~$ samba-tool ntacl sysvolreset root at dc2:~$ samba-tool ntacl sysvolreset root at dc1:~$ service sernet-samba-ad start root at dc2:~$ service sernet-samba-ad start to be sure again I execute the sysvolreset command... root at dc1:~$ samba-tool ntacl sysvolreset root at dc2:~$ samba-tool ntacl sysvolreset but when I execute "samba-tool ntacl sysvolcheck" I still get the uncaught exception error on dc1 and dc2 :(
steve
2014-Nov-01 21:41 UTC
[Samba] DC2 denies access when saving through the Group Policy M
On 01/11/14 21:06, ?icro MEGAS wrote:> > but when I execute "samba-tool ntacl sysvolcheck" I still get the uncaught exception error on dc1 and dc2 :( >The idmap db must be in place _before_ you call samba on the newly installed DC. Roll back to your backup _before_ you joined the second DC, remove all traces of samba on DC2 and install anew. Then: 1. Join DC2 2. copy idmap database 3. sysvolreset 4. samba 5. Wait for the replication to stop before fiddling. HTH, Jos?
Reasonably Related Threads
- DC2 denies access when saving through the Gro
- DC2 denies access when saving through the Group Policy Management Console
- Re: Re: Re: DC2 denies access whe
- [PATCH net-next] virtio_net: add gro capability
- GDM problems whe using LDAP for user id information