similar to: Samba4: Unknown parameter encountered: "secrets database"

Displaying 20 results from an estimated 2000 matches similar to: "Samba4: Unknown parameter encountered: "secrets database""

2020 Oct 26
7
GPO fail and sysvol perm errors
> It's needed after every GPO addition and edit. There must be a root > cause to hunt down somewhere. Or is it a bug in 4.13.0 ? Yes, and no. Yes, its a bug. No, in my opionion its an old setting thats just needs some updating. Try this. samba-tool ntacl set "O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01
2020 Oct 28
1
GPO fail and sysvol perm errors
For completeness: The existing GPO: # samba-tool ntacl get --as-sddl \{07AF723D-5FFD-4807-B3C6-DFCE911B922A\}/ O:DAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED) The newly created GPO: # samba-tool ntacl get --as-sddl \{0C0B713E-EE65-4ACE-88AE-25125E2AAE00\}/
2020 Oct 25
3
GPO fail and sysvol perm errors
On 25/10/2020 20:37, Sonic wrote: > The reset allowed the current GPO to take effect, but right after > adding a new GPO (just named it, no editing, or linking) the > sysvolcheck fails: > # samba-tool ntacl sysvolcheck > ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception > - ProvisioningError: DB ACL on GPO directory >
2020 Oct 25
2
GPO fail and sysvol perm errors
On Sun, Oct 25, 2020 at 3:31 PM Rowland penny via samba <samba at lists.samba.org> wrote: > OK, if you look at the end of the permissions, there is a '+' sign, this > shows that extended acls set, to see these: > > getfacl /usr/local/samba/var/locks/sysvol The difference in acls is that the non-working domain includes: user:3000001:r-x user:3000002:rwx user:3000003:r-x
2019 Jun 21
0
GPO ACL
Hello, I've en error again in the samba AD world. I use RSAT with the DOMAIN\administrator account to make some GPOs. Sometimes it doesn't work. So I have checked GPO ACL with 'gpo aclcheck' command, and this is the return : got OID=1.2.840.48018.1.2.2 ERROR: Invalid GPO ACL
2020 Oct 25
0
GPO fail and sysvol perm errors
On 25/10/2020 19:44, Sonic wrote: > On Sun, Oct 25, 2020 at 3:31 PM Rowland penny via samba > <samba at lists.samba.org> wrote: >> OK, if you look at the end of the permissions, there is a '+' sign, this >> shows that extended acls set, to see these: >> >> getfacl /usr/local/samba/var/locks/sysvol > The difference in acls is that the non-working
2023 Apr 02
2
Inconsistent SYSVOL ACLs
First of all thank you all for the answers and for trying to help me. I agree with you michael regarding the parameters passed in the ./configure command, the location is not part of the problem. The file system used is XFS. and the strace command logs are in the attached link https://drive.google.com/file/d/1R_b6TzeJVmNIpnlkPfRk0CtkpeU4dgcg/view?usp=share_link Rowland, the result of the
2020 May 19
0
sysvolcheck and sysvolreset errors
On 19/05/2020 21:29, Roy Eastwood wrote: >> You could try using a script Louis wrote, see here: >> https://github.com/thctlo/samba4/blob/master/samba-check-set-sysvol.sh >> >> The 'idmap config' lines are nothing to worry about, you cannot set them on a DC, but, for some reason, testparm etc warns about >> them. >> >> Rowland >> > Sorry, I
2015 Jun 17
0
samba tool and sysvol/gpo checks error/bugged? ( but it all works ok)
>-----Oorspronkelijk bericht----- >Van: rowlandpenny at googlemail.com >[mailto:samba-bounces at lists.samba.org] Namens Rowland Penny >Verzonden: woensdag 17 juni 2015 10:54 >Aan: samba at lists.samba.org >Onderwerp: Re: [Samba] samba tool and sysvol/gpo checks >error/bugged? ( but it all works ok) > >On 17/06/15 08:15, L.P.H. van Belle wrote: >> Hai, >>
2020 Oct 28
0
GPO fail and sysvol perm errors
> -----Oorspronkelijk bericht----- > Van: Sonic [mailto:sonicsmith at gmail.com] > Verzonden: woensdag 28 oktober 2020 14:24 > Aan: L.P.H. van Belle > CC: samba at lists.samba.org > Onderwerp: Re: [Samba] GPO fail and sysvol perm errors > > Good day Louis, > > On Wed, Oct 28, 2020 at 3:46 AM L.P.H. van Belle > <belle at bazuin.nl> wrote: > > Ok, im
2020 May 19
2
sysvolcheck and sysvolreset errors
> You could try using a script Louis wrote, see here: > https://github.com/thctlo/samba4/blob/master/samba-check-set-sysvol.sh > > The 'idmap config' lines are nothing to worry about, you cannot set them on a DC, but, for some reason, testparm etc warns about > them. > > Rowland > Sorry, I should have said - I ran louis' script and set the acl's according
2015 Jun 17
3
samba tool and sysvol/gpo checks error/bugged? ( but it all works ok)
Hai, ? im running samba 4.2.2 sernet on debian. ? when i run : samba-tool gpo aclcheck -UAdministrator ? im getting : ERROR: Invalid GPO ACL O:DAG:DAD:PAI(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED) and it tells me it should be O:DAG:DAD:P?
2020 May 20
2
sysvolcheck and sysvolreset errors
> > > Yes, There are three places where permissions are stored on sysvol (4 if you count in AD), the standard Linux permissions 'ugo', POSIX > ACLs as shown by getfacl and an EA (this is where the ACLs are stored when set from Windows). > > Try running 'samba-tool ntacl get /var/lib/samba/sysvol --as-sddl', this should produce something similar to this: >
2020 Jul 01
0
Users, home directories and profiles
On Wed, 1 Jul 2020 10:04:07 +0100 Rowland penny via samba <samba at lists.samba.org> wrote: > On 01/07/2020 09:03, Enrico Morelli wrote: > > On Wed, 1 Jul 2020 08:43:37 +0100 > > Rowland penny via samba <samba at lists.samba.org> wrote: > > > >> On 01/07/2020 08:36, Enrico Morelli via samba wrote: > >>> On Tue, 30 Jun 2020 10:28:41 -0700
2017 Mar 21
3
Problem sysvolreset
Hai,   Here you go my output of the R2008R2. (64bit)   1) original GPO from the install ( the domain controller policy ) Path   : Microsoft.PowerShell.Core\FileSystem::C:\Windows\SYSVOL\domain\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9} Owner  : BUILTIN\Administrators Group  : NT AUTHORITY\SYSTEM Access : CREATOR OWNER Allow  268435456          NT AUTHORITY\Authenticated Users
2019 Jun 11
0
Problems with inconsistent ACL inheritance and permissions after Samba upgrade
On 11/06/2019 13:13, Sebastian Arcus via samba wrote: > > On 11/06/19 11:49, Rowland penny via samba wrote: >> On 11/06/2019 11:38, Sebastian Arcus via samba wrote: >>> >>> On 11/06/19 11:07, Rowland penny via samba wrote: >>>> On 11/06/2019 10:34, Sebastian Arcus via samba wrote: >>>>> I've just upgraded a Samba AD server to 4.10.2 a
2016 Jul 24
3
Samba 4.2.14 GPO issue
Dear All, I've recently upgrade from samba 4.1.x to samba 4.2.14 and found that GPO are having issue Specifically when I'm adding new using they *never *got the gpupdate success fully. When I run samba-tool ntacl sysvolcheck or samba-tool ntacl sysvolreset But don't seem to got it fix.. Any suggestion? Thank in advance. #samba-tool ntacl sysvolcheck Processing section
2020 Jul 01
3
Users, home directories and profiles
On 01/07/2020 09:03, Enrico Morelli wrote: > On Wed, 1 Jul 2020 08:43:37 +0100 > Rowland penny via samba <samba at lists.samba.org> wrote: > >> On 01/07/2020 08:36, Enrico Morelli via samba wrote: >>> On Tue, 30 Jun 2020 10:28:41 -0700 >>> Jeremy Allison via samba <samba at lists.samba.org> wrote: >>> >>>> On Tue, Jun 30, 2020 at
2020 May 08
1
Only domain admins can access shares
I've set up a single server with a DC and fileserver. I've read through all docs and the warnings on the wiki (VERY well done, many thanks to all the contributors) more than once so I hope I haven't missed anything. smb.conf: # Global parameters [global] netbios name = FILESERVER realm = WDC.DOMAIN.IT server role = active directory domain controller
2017 Sep 05
1
BUILTIN\Administrators - failed to call wbcSidToUid: WBC_ERR_DOMAIN_NOT_FOUND
Well, we are getting somewere...;) >It is probably 'greyed' out because no Windows tools use it or will add it. You will probably need to use Unix tools (ldb or ldap) to remove>them, but you can if you so wish ignore them. What you should never do is to rely on them being there, because they may or may not be there.Ok, I'll let it be there> You need to remove the gidNumber