On 15/03/2021 16:07, Oleg Blyahher via samba wrote:> Hi again everyone, starting a new thread as I was able to find some
> things... I had sent an email earlier on about domain members not
> synchronizing time, and instead using the CMOS time.
>
> I tried to understand why machines in my domain don't react to the
> group policy I've set up that tells them to get the time from some
> nice NTP server somewhere. So I've realized that newly joined
> computers don't get any GPO rules from the DC at all.
>
> The DC is fairly new, and took over the PDC role in the domain instead
> of an old broken one running Samba 4 with Zentyal, that in its own
> turn replaced a Samba 3 server that was not a DC.
There is no such thing as the 'PDC' role in AD, there is the
PDC_Emulator FSMO role though. Except for the FSMO roles, all DC's are
equal.
>
> I downloaded the script recommended in the wiki, and got results
> exactly like in this thread:
>
http://samba.2283325.n4.nabble.com/BUILTIN-Administrators-failed-to-call-wbcSidToUid-WBC-ERR-DOMAIN-NOT-FOUND-td4723614.html
What version of Samba are you using ?
Does 'wbinfo -s S-1-5-32-544' produce output when run in a terminal on
the DC ?
Rowland