thr3ads.net - samba - [Samba] NT_STATUS_OBJECT_NAME_NOT

If this information is useful, please help other people find it:
Share via:

Carlos

2021-May-25 15:13 UTC

[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND

I checked the FSMO and tooas are pointing to the correct DC (and only to 
him), but I saw that in the DNS there were two entries for the PDC 
question, I removed the wrong one (leaving only the correct DC), and he 
executed the right command .

I have 18 Dcs , which is causing problems and in the new one (in this 
case, what I called DC2 here)


ldbsearch -H ldap://"$(host -t SRV _ldap._tcp.pdc._msdcs."$(hostname 
-d)" | awk '{print $NF}' | awk -F '.' '{print
$1}')" -P -b
"CN=Policies,CN=System,$(echo "DC=$(hostname -d)" | sed
's/\./,DC=/g')"
-s sub '(objectClass=groupPolicyContainer)' cn | grep 'cn:'
cn: {517AE483-57E6-48B1-A9D8-DD4D7039D469}
cn: {1F1D65A3-2DFD-491D-A844-D4D448520B2E}
cn: {FC942ADA-CF96-4186-8942-322E045EE018}
cn: {16071A9D-29DA-4CC5-90F8-1DC2BEE37DB1}
cn: {6140C55E-E459-4B43-9071-D4244581BB9D}
cn: {D5E1A2D1-070D-4DEB-A84F-32EFB68F8988}
cn: {A98110BB-FF15-485A-86E8-1D18FC529F82}
cn: {F100B212-EFF9-4E70-850A-411CECA54F74}
cn: {7B507AB4-3463-4BFD-A859-3A95B52D48B4}
cn: {16034E74-5F06-45EB-B778-0155BAC76EED}
cn: {31B2F340-016D-11D2-945F-00C04FB984F9}
cn: {B27F4E18-A83A-4B4C-BF95-992D17DE4356}
cn: {B59AD5F3-C408-44A8-B520-E6C2274430A0}
cn: {80C1D392-60EA-4558-BFDB-661E1128013B}
cn: {BC36848B-3A6F-4BFB-B01A-BCE61A363205}
cn: {2E488814-1084-4845-B68E-C38D60B476B8}
cn: {C5B1194F-6DE8-4970-958A-96AEFF3F2F43}
cn: {D448A7E7-22D8-4BEC-82E7-F73748AA7154}
cn: {8842F75C-A136-42F0-BFEC-04B69D638168}
cn: {889231A7-0199-4E7B-BE07-989D6095FD43}
cn: {9E661234-529F-4287-8471-AAE5C68887B4}
cn: {BBAC22FE-0437-49E5-A02A-D7D3C3CEE120}
cn: {023F6920-DB5A-42A1-9FB7-43BDA9F60E59}
cn: {2D2962FF-9D69-45F4-B2AC-7EDC19DD07B5}
cn: {46367B44-346C-422E-AFB7-0A95EF896B78}
cn: {F35825C8-B31A-4587-B3BC-962CAF1EE837}
cn: {3BD1FBA6-32C7-43FA-911B-E383A8893A6C}
cn: {99C7FA72-C4DD-4E08-BD34-82207FD6DB2C}
cn: {474579AB-E1DD-48E9-8AFA-A590FEE2DECE}
cn: {6342D129-B4C9-4155-BB98-B17435E5F396}
cn: {4B9C1BA3-CA31-4F8A-8D27-3F387ECFEB14}
cn: {D79B199C-B2CC-4A0C-A0AB-DBF6C8C9FBAC}
cn: {F2A558C2-BE27-4ED3-B672-BB9724925AF1}
cn: {7113698E-37E8-4032-A872-D837E03DA8F9}
cn: {66EC17D5-97B0-469E-B0F1-DC239240102A}
cn: {1C7ED877-F6DE-4418-B29D-3FC612CF3021}
cn: {A0C2DBB8-64CB-4339-992E-055B7E10BE60}
cn: {F5ED8DAD-6BBB-4B5B-A6F1-BE1FC33F498D}
cn: {E9862430-D0D3-46C0-88DA-DB4915942961}
cn: {BD719720-4036-41A8-9467-CF83611D59B5}
cn: {5CE3F48F-F206-4569-9A79-4EEE6A01D994}
cn: {04288E43-AF21-431C-B469-FCE404B8AACD}
cn: {4C43A8BB-1414-4D9F-9D49-F07B8DCB21B3}
cn: {A41C13B1-F655-421A-9F21-DA48E645A757}
cn: {56ADB9BA-327F-4854-A9BC-249FA777F50A}
cn: {B0D11970-E7A0-4548-B396-DF9F43814A30}
cn: {E016F5CD-C850-4C91-9E40-61F7D1651970}
cn: {8EE8ECFD-AD9F-464F-8317-69FD946D074D}
cn: {3827FE58-5B69-47FB-AC70-4D7628028413}
cn: {5DA55F19-6998-4DC5-A560-C7B9CB0A45FA}
cn: {6C53454A-25C7-4264-8300-31351E682D2E}
cn: {45DDD552-E86A-4AA0-BC02-EC077F1EA952}
cn: {E311C0A2-8F30-436B-94F0-036134C47AB1}
cn: {149AD731-C29D-41E7-B1D4-1DECA7DBED58}
cn: {6AC1786C-016F-11D2-945F-00C04FB984F9}
cn: {9D89DF4E-FFC6-4651-8E1F-97E2D4DCDB0D}
cn: {00E54E3A-386D-4880-A9E7-ED0CE4F4A237}

---

ls -ltr /usr/local/samba/var/locks/sysvol/$(hostname -d)/Policies

....

....

drwxrwx---+ 4 XXX\domain admins COTRIEL\domain admins? 4096 May 3? 2019 
{2E488814-1084-4845-B68E-C38D60B476B8}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Aug 19? 2019 
{9E661234-529F-4287-8471-AAE5C68887B4}
drwxrwxr-x+ 4 XXX\domain admins COTRIEL\domain admins? 4096 Sep 4? 2019 
{F35825C8-B31A-4587-B3BC-962CAF1EE837}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Sep 4? 2019 
{D448A7E7-22D8-4BEC-82E7-F73748AA7154}
drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Sep? 4? 
2019 {E016F5CD-C850-4C91-9E40-61F7D1651970}
drwxrwx---+ 5 XXX\yusef.sad???? users????????????????? 4096 Dec 3? 2019 
{99C7FA72-C4DD-4E08-BD34-82207FD6DB2C}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Dec 5? 2019 
{023F6920-DB5A-42A1-9FB7-43BDA9F60E59}
drwxrwx---+ 4 XXX\domain admins COTRIEL\domain admins? 4096 Dec 5? 2019 
{80C1D392-60EA-4558-BFDB-661E1128013B}
drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Dec? 5? 
2019 {5CE3F48F-F206-4569-9A79-4EEE6A01D994}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Dec 5? 2019 
{B59AD5F3-C408-44A8-B520-E6C2274430A0}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Feb 24? 2020 
{8842F75C-A136-42F0-BFEC-04B69D638168}
drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 May? 7? 
2020 {00E54E3A-386D-4880-A9E7-ED0CE4F4A237}
drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Sep 16? 
2020 {45DDD552-E86A-4AA0-BC02-EC077F1EA952}
drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 Apr 15 
09:04 {E311C0A2-8F30-436B-94F0-036134C47AB1}
drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 Apr 15 
10:23 {6C53454A-25C7-4264-8300-31351E682D2E}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 May 20 15:16 
{D79B199C-B2CC-4A0C-A0AB-DBF6C8C9FBAC}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 May 21 16:28 
{1F1D65A3-2DFD-491D-A844-D4D448520B2E}
drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 May 24 14:55 
{149AD731-C29D-41E7-B1D4-1DECA7DBED58}

Regards;


Em 25/05/2021 11:40, Rowland penny via samba escreveu:> On 25/05/2021 15:12, Carlos via samba wrote:
>> ldbsearch -H ldap://"$(host -t SRV
_ldap._tcp.pdc._msdcs."$(hostname
>> -d)" | awk '{print $NF}' | awk -F '.' '{print
$1}')" -P -b
>> "CN=Policies,CN=System,$
>> (echo "DC=$(hostname -d)" | sed 's/\./,DC=/g')"
-s sub
>> '(objectClass=groupPolicyContainer)' cn | grep 'cn:'
>> Failed to connect to ldap URL 'ldap://DC1
>> DC1' - LDAP client internal error: NT_STATUS_OBJECT_NAME_NOT_FOUND
>> Failed to connect to 'ldap://DC0
>> DC1' with backend 'ldap': LDAP client internal error: 
>> NT_STATUS_OBJECT_NAME_NOT_FOUND
>> Failed to connect to ldap://DC0
>> DC1 - LDAP client internal error: NT_STATUS_OBJECT_NAME_NOT_FOUND
>>
>> But i test telnet 389 in dc0 e dc1 and connection is OK.
>>
>>
>> ls /var/lib/samba/sysvol/$(hostname -d)/Policies
>>
>> But my samba is compilated(source).
>>
>> regards;
>>
>>
>>
>>
>>
>> Em 25/05/2021 10:54, Rowland penny via samba escreveu:
>>> On 25/05/2021 13:55, Carlos via samba wrote:
>>>> HI
>>>>
>>>> "I am unsure, have you given all the AD groups a gidNumber
?" I
>>>> dont understand.....
>>>
>>>
>>> Can you run these commands on a DC:
>>>
>>> sudo ldbsearch -H ldap://"$(host -t SRV 
>>> _ldap._tcp.pdc._msdcs."$(hostname -d)" | awk '{print
$NF}' | awk -F
>>> '.' '{print $1}')" -P -b
"CN=Policies,CN=System,$(echo
>>> "DC=$(hostname -d)" | sed 's/\./,DC=/g')" -s
sub
>>> '(objectClass=groupPolicyContainer)' cn | grep
'cn:'
>>>
>>> sudo ls /var/lib/samba/sysvol/$(hostname -d)/Policies
>>>
>>> Do the outputs show the same GPO's ?
>>>
>>> Rowland
>>>
>>>
>>>
>>
>
> Hmm, you do seem to have problems: $(host -t SRV 
> _ldap._tcp.pdc._msdcs."$(hostname -d)" | awk '{print
$NF}' | awk -F
> '.' '{print $1}') should produce the short hostname of the
DC that
> holds the PDC_Emulator FSMO role, which it does but then seem to be 
> able to connect (you are running this as 'root', aren't you ?).
What
> it shouldn't do is move on to the another DC, there should only be on 
> DC with the PDC_Emulator role.
>
> As for the second command, just change the '/var/lib/samba' with
the
> path to your sysvol.
>
> Rowland
>
>
>

Rowland penny

2021-May-25 15:36 UTC

head link

[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND

On 25/05/2021 16:13, Carlos via samba wrote:> I checked the FSMO and tooas are pointing to the correct DC (and only 
> to him), but I saw that in the DNS there were two entries for the PDC 
> question, I removed the wrong one (leaving only the correct DC), and 
> he executed the right command .
>
> I have 18 Dcs , which is causing problems and in the new one (in this 
> case, what I called DC2 here)
>
>
> ldbsearch -H ldap://"$(host -t SRV
_ldap._tcp.pdc._msdcs."$(hostname
> -d)" | awk '{print $NF}' | awk -F '.' '{print
$1}')" -P -b
> "CN=Policies,CN=System,$(echo "DC=$(hostname -d)" | sed 
> 's/\./,DC=/g')" -s sub
'(objectClass=groupPolicyContainer)' cn | grep
> 'cn:'
> cn: {517AE483-57E6-48B1-A9D8-DD4D7039D469}
> cn: {1F1D65A3-2DFD-491D-A844-D4D448520B2E}
> cn: {FC942ADA-CF96-4186-8942-322E045EE018}
> cn: {16071A9D-29DA-4CC5-90F8-1DC2BEE37DB1}
> cn: {6140C55E-E459-4B43-9071-D4244581BB9D}
> cn: {D5E1A2D1-070D-4DEB-A84F-32EFB68F8988}
> cn: {A98110BB-FF15-485A-86E8-1D18FC529F82}
> cn: {F100B212-EFF9-4E70-850A-411CECA54F74}
> cn: {7B507AB4-3463-4BFD-A859-3A95B52D48B4}
> cn: {16034E74-5F06-45EB-B778-0155BAC76EED}
> cn: {31B2F340-016D-11D2-945F-00C04FB984F9}
> cn: {B27F4E18-A83A-4B4C-BF95-992D17DE4356}
> cn: {B59AD5F3-C408-44A8-B520-E6C2274430A0}
> cn: {80C1D392-60EA-4558-BFDB-661E1128013B}
> cn: {BC36848B-3A6F-4BFB-B01A-BCE61A363205}
> cn: {2E488814-1084-4845-B68E-C38D60B476B8}
> cn: {C5B1194F-6DE8-4970-958A-96AEFF3F2F43}
> cn: {D448A7E7-22D8-4BEC-82E7-F73748AA7154}
> cn: {8842F75C-A136-42F0-BFEC-04B69D638168}
> cn: {889231A7-0199-4E7B-BE07-989D6095FD43}
> cn: {9E661234-529F-4287-8471-AAE5C68887B4}
> cn: {BBAC22FE-0437-49E5-A02A-D7D3C3CEE120}
> cn: {023F6920-DB5A-42A1-9FB7-43BDA9F60E59}
> cn: {2D2962FF-9D69-45F4-B2AC-7EDC19DD07B5}
> cn: {46367B44-346C-422E-AFB7-0A95EF896B78}
> cn: {F35825C8-B31A-4587-B3BC-962CAF1EE837}
> cn: {3BD1FBA6-32C7-43FA-911B-E383A8893A6C}
> cn: {99C7FA72-C4DD-4E08-BD34-82207FD6DB2C}
> cn: {474579AB-E1DD-48E9-8AFA-A590FEE2DECE}
> cn: {6342D129-B4C9-4155-BB98-B17435E5F396}
> cn: {4B9C1BA3-CA31-4F8A-8D27-3F387ECFEB14}
> cn: {D79B199C-B2CC-4A0C-A0AB-DBF6C8C9FBAC}
> cn: {F2A558C2-BE27-4ED3-B672-BB9724925AF1}
> cn: {7113698E-37E8-4032-A872-D837E03DA8F9}
> cn: {66EC17D5-97B0-469E-B0F1-DC239240102A}
> cn: {1C7ED877-F6DE-4418-B29D-3FC612CF3021}
> cn: {A0C2DBB8-64CB-4339-992E-055B7E10BE60}
> cn: {F5ED8DAD-6BBB-4B5B-A6F1-BE1FC33F498D}
> cn: {E9862430-D0D3-46C0-88DA-DB4915942961}
> cn: {BD719720-4036-41A8-9467-CF83611D59B5}
> cn: {5CE3F48F-F206-4569-9A79-4EEE6A01D994}
> cn: {04288E43-AF21-431C-B469-FCE404B8AACD}
> cn: {4C43A8BB-1414-4D9F-9D49-F07B8DCB21B3}
> cn: {A41C13B1-F655-421A-9F21-DA48E645A757}
> cn: {56ADB9BA-327F-4854-A9BC-249FA777F50A}
> cn: {B0D11970-E7A0-4548-B396-DF9F43814A30}
> cn: {E016F5CD-C850-4C91-9E40-61F7D1651970}
> cn: {8EE8ECFD-AD9F-464F-8317-69FD946D074D}
> cn: {3827FE58-5B69-47FB-AC70-4D7628028413}
> cn: {5DA55F19-6998-4DC5-A560-C7B9CB0A45FA}
> cn: {6C53454A-25C7-4264-8300-31351E682D2E}
> cn: {45DDD552-E86A-4AA0-BC02-EC077F1EA952}
> cn: {E311C0A2-8F30-436B-94F0-036134C47AB1}
> cn: {149AD731-C29D-41E7-B1D4-1DECA7DBED58}
> cn: {6AC1786C-016F-11D2-945F-00C04FB984F9}
> cn: {9D89DF4E-FFC6-4651-8E1F-97E2D4DCDB0D}
> cn: {00E54E3A-386D-4880-A9E7-ED0CE4F4A237}
>
> ---
>
> ls -ltr /usr/local/samba/var/locks/sysvol/$(hostname -d)/Policies
>
> ....
>
> ....
>
> drwxrwx---+ 4 XXX\domain admins COTRIEL\domain admins? 4096 May 3 2019 
> {2E488814-1084-4845-B68E-C38D60B476B8}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Aug 19? 
> 2019 {9E661234-529F-4287-8471-AAE5C68887B4}
> drwxrwxr-x+ 4 XXX\domain admins COTRIEL\domain admins? 4096 Sep 4 2019 
> {F35825C8-B31A-4587-B3BC-962CAF1EE837}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Sep 4 2019 
> {D448A7E7-22D8-4BEC-82E7-F73748AA7154}
> drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Sep? 
> 4? 2019 {E016F5CD-C850-4C91-9E40-61F7D1651970}
> drwxrwx---+ 5 XXX\yusef.sad???? users????????????????? 4096 Dec 3 2019 
> {99C7FA72-C4DD-4E08-BD34-82207FD6DB2C}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Dec 5 2019 
> {023F6920-DB5A-42A1-9FB7-43BDA9F60E59}
> drwxrwx---+ 4 XXX\domain admins COTRIEL\domain admins? 4096 Dec 5 2019 
> {80C1D392-60EA-4558-BFDB-661E1128013B}
> drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Dec? 
> 5? 2019 {5CE3F48F-F206-4569-9A79-4EEE6A01D994}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Dec 5 2019 
> {B59AD5F3-C408-44A8-B520-E6C2274430A0}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 Feb 24? 
> 2020 {8842F75C-A136-42F0-BFEC-04B69D638168}
> drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 May? 
> 7? 2020 {00E54E3A-386D-4880-A9E7-ED0CE4F4A237}
> drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Sep 
> 16? 2020 {45DDD552-E86A-4AA0-BC02-EC077F1EA952}
> drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 Apr 15 
> 09:04 {E311C0A2-8F30-436B-94F0-036134C47AB1}
> drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 Apr 15 
> 10:23 {6C53454A-25C7-4264-8300-31351E682D2E}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 May 20 
> 15:16 {D79B199C-B2CC-4A0C-A0AB-DBF6C8C9FBAC}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 May 21 
> 16:28 {1F1D65A3-2DFD-491D-A844-D4D448520B2E}
> drwxrwx---+ 5 XXX\domain admins COTRIEL\domain admins? 4096 May 24 
> 14:55 {149AD731-C29D-41E7-B1D4-1DECA7DBED58}

Do you think that having 57 GPO's in AD and only 18 on disk in sysvol 
might have anything to do with your problem ???

'NT_STATUS_OBJECT_NAME_NOT_FOUND' is another way of saying 'Cannot
find
a policy'

How did you create the GPO's and where ?

Rowland

Carlos

2021-May-25 15:49 UTC

head link

[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND

Now there is no more error in gpupdate, I create more gpo to test and 
all of them were successful, I restarted the machine several times, and 
the problem did not occur anymore ....
However the sysvolreset still occurs the error ....


Regards;


Em 25/05/2021 12:13, Carlos escreveu:> I checked the FSMO and tooas are pointing to the correct DC (and only 
> to him), but I saw that in the DNS there were two entries for the PDC 
> question, I removed the wrong one (leaving only the correct DC), and 
> he executed the right command .
>
> I have 18 Dcs , which is causing problems and in the new one (in this 
> case, what I called DC2 here)
>
>
> ldbsearch -H ldap://"$(host -t SRV
_ldap._tcp.pdc._msdcs."$(hostname
> -d)" | awk '{print $NF}' | awk -F '.' '{print
$1}')" -P -b
> "CN=Policies,CN=System,$(echo "DC=$(hostname -d)" | sed 
> 's/\./,DC=/g')" -s sub
'(objectClass=groupPolicyContainer)' cn | grep
> 'cn:'
> cn: {517AE483-57E6-48B1-A9D8-DD4D7039D469}
> cn: {1F1D65A3-2DFD-491D-A844-D4D448520B2E}
> cn: {FC942ADA-CF96-4186-8942-322E045EE018}
> cn: {16071A9D-29DA-4CC5-90F8-1DC2BEE37DB1}
> cn: {6140C55E-E459-4B43-9071-D4244581BB9D}
> cn: {D5E1A2D1-070D-4DEB-A84F-32EFB68F8988}
> cn: {A98110BB-FF15-485A-86E8-1D18FC529F82}
> cn: {F100B212-EFF9-4E70-850A-411CECA54F74}
> cn: {7B507AB4-3463-4BFD-A859-3A95B52D48B4}
> cn: {16034E74-5F06-45EB-B778-0155BAC76EED}
> cn: {31B2F340-016D-11D2-945F-00C04FB984F9}
> cn: {B27F4E18-A83A-4B4C-BF95-992D17DE4356}
> cn: {B59AD5F3-C408-44A8-B520-E6C2274430A0}
> cn: {80C1D392-60EA-4558-BFDB-661E1128013B}
> cn: {BC36848B-3A6F-4BFB-B01A-BCE61A363205}
> cn: {2E488814-1084-4845-B68E-C38D60B476B8}
> cn: {C5B1194F-6DE8-4970-958A-96AEFF3F2F43}
> cn: {D448A7E7-22D8-4BEC-82E7-F73748AA7154}
> cn: {8842F75C-A136-42F0-BFEC-04B69D638168}
> cn: {889231A7-0199-4E7B-BE07-989D6095FD43}
> cn: {9E661234-529F-4287-8471-AAE5C68887B4}
> cn: {BBAC22FE-0437-49E5-A02A-D7D3C3CEE120}
> cn: {023F6920-DB5A-42A1-9FB7-43BDA9F60E59}
> cn: {2D2962FF-9D69-45F4-B2AC-7EDC19DD07B5}
> cn: {46367B44-346C-422E-AFB7-0A95EF896B78}
> cn: {F35825C8-B31A-4587-B3BC-962CAF1EE837}
> cn: {3BD1FBA6-32C7-43FA-911B-E383A8893A6C}
> cn: {99C7FA72-C4DD-4E08-BD34-82207FD6DB2C}
> cn: {474579AB-E1DD-48E9-8AFA-A590FEE2DECE}
> cn: {6342D129-B4C9-4155-BB98-B17435E5F396}
> cn: {4B9C1BA3-CA31-4F8A-8D27-3F387ECFEB14}
> cn: {D79B199C-B2CC-4A0C-A0AB-DBF6C8C9FBAC}
> cn: {F2A558C2-BE27-4ED3-B672-BB9724925AF1}
> cn: {7113698E-37E8-4032-A872-D837E03DA8F9}
> cn: {66EC17D5-97B0-469E-B0F1-DC239240102A}
> cn: {1C7ED877-F6DE-4418-B29D-3FC612CF3021}
> cn: {A0C2DBB8-64CB-4339-992E-055B7E10BE60}
> cn: {F5ED8DAD-6BBB-4B5B-A6F1-BE1FC33F498D}
> cn: {E9862430-D0D3-46C0-88DA-DB4915942961}
> cn: {BD719720-4036-41A8-9467-CF83611D59B5}
> cn: {5CE3F48F-F206-4569-9A79-4EEE6A01D994}
> cn: {04288E43-AF21-431C-B469-FCE404B8AACD}
> cn: {4C43A8BB-1414-4D9F-9D49-F07B8DCB21B3}
> cn: {A41C13B1-F655-421A-9F21-DA48E645A757}
> cn: {56ADB9BA-327F-4854-A9BC-249FA777F50A}
> cn: {B0D11970-E7A0-4548-B396-DF9F43814A30}
> cn: {E016F5CD-C850-4C91-9E40-61F7D1651970}
> cn: {8EE8ECFD-AD9F-464F-8317-69FD946D074D}
> cn: {3827FE58-5B69-47FB-AC70-4D7628028413}
> cn: {5DA55F19-6998-4DC5-A560-C7B9CB0A45FA}
> cn: {6C53454A-25C7-4264-8300-31351E682D2E}
> cn: {45DDD552-E86A-4AA0-BC02-EC077F1EA952}
> cn: {E311C0A2-8F30-436B-94F0-036134C47AB1}
> cn: {149AD731-C29D-41E7-B1D4-1DECA7DBED58}
> cn: {6AC1786C-016F-11D2-945F-00C04FB984F9}
> cn: {9D89DF4E-FFC6-4651-8E1F-97E2D4DCDB0D}
> cn: {00E54E3A-386D-4880-A9E7-ED0CE4F4A237}
>
> ---
>
> ls -ltr /usr/local/samba/var/locks/sysvol/$(hostname -d)/Policies
>
> ....
>
> ....
>
> drwxrwx---+ 4 XXX\domain admins XXX\domain admins? 4096 May 3 2019 
> {2E488814-1084-4845-B68E-C38D60B476B8}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 Aug 19 2019 
> {9E661234-529F-4287-8471-AAE5C68887B4}
> drwxrwxr-x+ 4 XXX\domain admins XXX\domain admins? 4096 Sep 4 2019 
> {F35825C8-B31A-4587-B3BC-962CAF1EE837}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 Sep 4 2019 
> {D448A7E7-22D8-4BEC-82E7-F73748AA7154}
> drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Sep? 
> 4? 2019 {E016F5CD-C850-4C91-9E40-61F7D1651970}
> drwxrwx---+ 5 XXX\yusef.sad???? users????????????????? 4096 Dec 3 2019 
> {99C7FA72-C4DD-4E08-BD34-82207FD6DB2C}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 Dec 5 2019 
> {023F6920-DB5A-42A1-9FB7-43BDA9F60E59}
> drwxrwx---+ 4 XXX\domain admins XXX\domain admins? 4096 Dec 5 2019 
> {80C1D392-60EA-4558-BFDB-661E1128013B}
> drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Dec? 
> 5? 2019 {5CE3F48F-F206-4569-9A79-4EEE6A01D994}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 Dec 5 2019 
> {B59AD5F3-C408-44A8-B520-E6C2274430A0}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 Feb 24 2020 
> {8842F75C-A136-42F0-BFEC-04B69D638168}
> drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 May? 
> 7? 2020 {00E54E3A-386D-4880-A9E7-ED0CE4F4A237}
> drwxrwx---+ 5 root????????????????? BUILTIN\administrators 4096 Sep 
> 16? 2020 {45DDD552-E86A-4AA0-BC02-EC077F1EA952}
> drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 Apr 15 
> 09:04 {E311C0A2-8F30-436B-94F0-036134C47AB1}
> drwxrwx---+ 4 root????????????????? BUILTIN\administrators 4096 Apr 15 
> 10:23 {6C53454A-25C7-4264-8300-31351E682D2E}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 May 20 15:16 
> {D79B199C-B2CC-4A0C-A0AB-DBF6C8C9FBAC}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 May 21 16:28 
> {1F1D65A3-2DFD-491D-A844-D4D448520B2E}
> drwxrwx---+ 5 XXX\domain admins XXX\domain admins? 4096 May 24 14:55 
> {149AD731-C29D-41E7-B1D4-1DECA7DBED58}
>
> Regards;
>
>
> Em 25/05/2021 11:40, Rowland penny via samba escreveu:
>> On 25/05/2021 15:12, Carlos via samba wrote:
>>> ldbsearch -H ldap://"$(host -t SRV
_ldap._tcp.pdc._msdcs."$(hostname
>>> -d)" | awk '{print $NF}' | awk -F '.'
'{print $1}')" -P -b
>>> "CN=Policies,CN=System,$
>>> (echo "DC=$(hostname -d)" | sed
's/\./,DC=/g')" -s sub
>>> '(objectClass=groupPolicyContainer)' cn | grep
'cn:'
>>> Failed to connect to ldap URL 'ldap://DC1
>>> DC1' - LDAP client internal error:
NT_STATUS_OBJECT_NAME_NOT_FOUND
>>> Failed to connect to 'ldap://DC0
>>> DC1' with backend 'ldap': LDAP client internal error: 
>>> NT_STATUS_OBJECT_NAME_NOT_FOUND
>>> Failed to connect to ldap://DC0
>>> DC1 - LDAP client internal error: NT_STATUS_OBJECT_NAME_NOT_FOUND
>>>
>>> But i test telnet 389 in dc0 e dc1 and connection is OK.
>>>
>>>
>>> ls /var/lib/samba/sysvol/$(hostname -d)/Policies
>>>
>>> But my samba is compilated(source).
>>>
>>> regards;
>>>
>>>
>>>
>>>
>>>
>>> Em 25/05/2021 10:54, Rowland penny via samba escreveu:
>>>> On 25/05/2021 13:55, Carlos via samba wrote:
>>>>> HI
>>>>>
>>>>> "I am unsure, have you given all the AD groups a
gidNumber ?" I
>>>>> dont understand.....
>>>>
>>>>
>>>> Can you run these commands on a DC:
>>>>
>>>> sudo ldbsearch -H ldap://"$(host -t SRV 
>>>> _ldap._tcp.pdc._msdcs."$(hostname -d)" | awk
'{print $NF}' | awk -F
>>>> '.' '{print $1}')" -P -b
"CN=Policies,CN=System,$(echo
>>>> "DC=$(hostname -d)" | sed
's/\./,DC=/g')" -s sub
>>>> '(objectClass=groupPolicyContainer)' cn | grep
'cn:'
>>>>
>>>> sudo ls /var/lib/samba/sysvol/$(hostname -d)/Policies
>>>>
>>>> Do the outputs show the same GPO's ?
>>>>
>>>> Rowland
>>>>
>>>>
>>>>
>>>
>>
>> Hmm, you do seem to have problems: $(host -t SRV 
>> _ldap._tcp.pdc._msdcs."$(hostname -d)" | awk '{print
$NF}' | awk -F
>> '.' '{print $1}') should produce the short hostname of
the DC that
>> holds the PDC_Emulator FSMO role, which it does but then seem to be 
>> able to connect (you are running this as 'root', aren't you
?). What
>> it shouldn't do is move on to the another DC, there should only be
on
>> DC with the PDC_Emulator role.
>>
>> As for the second command, just change the '/var/lib/samba'
with the
>> path to your sysvol.
>>
>> Rowland
>>
>>
>>

samba - May 2021 - NT_STATUS_OBJECT_NAME_NOT_FOUND

[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND

[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND

[Samba] NT_STATUS_OBJECT_NAME_NOT_FOUND