samba - Mar 2025 - Missing Policies folder in AD and /var/lib/samba/sysvol

I currently am running 3 Samba DC's.

None of them have a 'Policies' folder under /var/lib/samba/sysvol (only 
'scripts')

My Samba migration started from a Windows Server 2008 configuration 
several years ago.

I first installed Samba 4.11 (van-belle), joined it to the Windows AD and
migrated the FSMO roles there.
I then removed the Windows Servers and turned them off.

This set-up worked fine until a Windows update broke AD logins with 
Samba 4.11 from Windows 11 so...
A year or so ago, I added a Samba 4.17 server and migrated FSMO roles there.

So, I'm not sure when (or if) the Policies folder got lost along the way.

Is there a way to manually repair these Default GPO's?

On Sat, 15 Mar 2025 15:16:57 -0600
Rick Hollinbeck via samba <samba at lists.samba.org> wrote:
> I currently am running 3 Samba DC's.
> 
> None of them have a 'Policies' folder under /var/lib/samba/sysvol
> (only 'scripts')
> 
> My Samba migration started from a Windows Server 2008 configuration 
> several years ago.
> 
> I first installed Samba 4.11 (van-belle), joined it to the Windows AD
> and migrated the FSMO roles there.
> I then removed the Windows Servers and turned them off.
> 
> This set-up worked fine until a Windows update broke AD logins with 
> Samba 4.11 from Windows 11 so...
> A year or so ago, I added a Samba 4.17 server and migrated FSMO roles
> there.
> 
> So, I'm not sure when (or if) the Policies folder got lost along the
> way.
> 
> Is there a way to manually repair these Default GPO's?
> 
> 
> 
I think that the contents of Sysvol have never been there, you probably
never synced them from the Windows DCs.

It isn't a big problem though, the default GPOs are virtually empty,
you just need to know what to create. You could provision a new domain
and then copy what is created in Sysvol on that and then run
'samba-tool ntacl sysvolreset', other than that, I have script
somewhere that creates the required directories/files.

Rowland