Hi,
I don't really know why but after working on a GPO it is necessary to reset
sysvol acls on the DC. I have no idea.
Can you point me to a hint where I could have a look at? I use SerNet packages
if it's important to know. It's v4.1.16.
smb.conf:
# Global parameters
[global]
workgroup = SUBDOM
realm = SUBDOM.DOM.INTERN
netbios name = DC01
server role = active directory domain controller
dns forwarder = 10.0.0.1
idmap_ldb:use rfc2307 = yes
bind interfaces only = yes
interfaces = lo enp2s0f0
#orig server max protocol = NT1
#orig server min protocol = CORE
server max protocol = SMB3
server min protocol = SMB2
client max protocol = SMB3
client min protocol = SMB2
#orig server signing = default
# server signing = mandatory
winbind nss info = rfc2307
[netlogon]
path = /var/lib/samba/sysvol/subdom.dom.intern/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
Thanks in advance
Tim