Displaying 20 results from an estimated 30000 matches similar to: "Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies"
2017 Jan 12
3
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
cool!
root at dc1:~ # wbinfo -r richard.h
10001
3000008
10000
10014
10004
10005
3000005
3000009
3000000
-----Original Message-----
From: samba [mailto:samba-bounces at lists.samba.org] On Behalf Of lingpanda101 via samba
Sent: 12 January 2017 22:57
To: samba at lists.samba.org
Subject: Re: [Samba] Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
On 1/12/2017 3:47 PM,
2017 Jan 15
0
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
I remain baffled as to why richard.h cannot access the sysvol share.
Permissions all seem ok from what I can see and I'm not sure why this should be any different from normal AD share behaviour (our other shares are working fine for domain users)
I would really appreciate it if someone could let me know whether the sysvol has become corrupt in some way and I am wasting my time even trying
2017 Jan 14
0
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi All,
Trying to avoid making this into a "Me too" response :) but this is
the single largest issue I have with Samba at the moment, I've
struggled with this for literally years, both before I switched to
rfc2307 (which did help in many areas) and since switching. I am
following this thread with great interest, in the hope that I can get
my GPOs working, too.
Currently I've
2017 Jan 12
2
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi
root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes
...some error information...
Checked 3647 objects (2 errors)
root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix
Checking 3647 objects
Checked 3647 objects (0 errors)
root at dc1:~ # getfacl /usr/local/samba/var/locks/sysvol/
getfacl: Removing leading '/' from absolute path
2017 Jan 12
2
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi
here are the commands in the order I ran them:
root at dc1:~ # systemctl stop samba
root at dc1:~ # net cache flush
root at dc1:~ # samba-tool ntacl sysvolreset
root at dc1:~ # net cache flush
root at dc1:~ # samba-tool ntacl sysvolcheck
root at dc1:~ # systemctl start samba
root at dc1:~ # smbclient //localhost/sysvol -UAdministrator -c 'ls'
Enter Administrator's password:
2017 Jan 12
3
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi Rowland,
I've done the below and retried to log on as a normal user, but sadly:
C:\> gpupdate /force still returns
The processing of Group Policy failed. Windows attempted to read the file \\ct.mydomain.com\sysvol\ct.mydomain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until
2017 Jan 12
4
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi James
The output is as follows...
wbinfo --gid-info=10013 => CT\domain admins:x:10013:
wbinfo --gid-info=10014 => CT\domain users:x:10014:
wbinfo --uid-info=3000000 => BUILTIN\administrators:*:3000000:3000000::/home/BUILTIN/administrators:/bin/false
wbinfo --uid-info=3000008 => CT\domain admins:*:3000008:3000008::/home/CT/domain admins:/bin/false
Yes I have set
2017 Jan 12
2
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
Hi Andrew,
thanks so much for the feedback.
Yes, you're 100% right. I'm new at this and originally changed the default GPO, however subsequently reset the default and created a new GPO. (so this getfacl output is post creation of a new GPO)
The getfacl output is shown here:
# getfacl /usr/local/samba/var/locks/sysvol/mydomain.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}
2017 Jan 12
1
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
On 1/12/2017 2:09 PM, Rowland Penny via samba wrote:
> On Thu, 12 Jan 2017 20:46:15 +0200
> Richard via samba <samba at lists.samba.org> wrote:
>
>> Hi James
>>
>> The output is as follows...
>>
>> wbinfo --gid-info=10013 => CT\domain admins:x:10013:
>>
>> wbinfo --uid-info=3000008 => CT\domain
>>
2017 Jan 12
0
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
On 1/12/2017 3:47 PM, Richard via samba wrote:
> Hi
>
> root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix --yes
> ...some error information...
> Checked 3647 objects (2 errors)
> root at dc1:~ # samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix
> Checking 3647 objects
> Checked 3647 objects (0 errors)
>
> root at dc1:~ # getfacl
2017 Jan 12
3
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
I have Samba 4.5.3 working fine as an AD DC and DNS provider.
I now need to set up a group policy on the DC but I am having problems with
the internal sysvol and netlogon shares.
Via the Windows Group Policy Manager snap-in I successfully created a GPO
specifying the DC as the primary time source for all clients, using the
Administrator user
...but my windows domain test client
2017 Jan 12
0
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
On 1/12/2017 3:25 PM, Richard via samba wrote:
> Hi
>
> here are the commands in the order I ran them:
>
> root at dc1:~ # systemctl stop samba
> root at dc1:~ # net cache flush
> root at dc1:~ # samba-tool ntacl sysvolreset
> root at dc1:~ # net cache flush
> root at dc1:~ # samba-tool ntacl sysvolcheck
> root at dc1:~ # systemctl start samba
> root at dc1:~ #
2017 Jan 12
0
Samba 4.5.3 AD DC - issues with sysvol when setting up Group Policies
On 1/12/2017 2:47 PM, Richard via samba wrote:
> Hi Rowland,
>
> I've done the below and retried to log on as a normal user, but sadly:
>
> C:\> gpupdate /force still returns
>
> The processing of Group Policy failed. Windows attempted to read the file \\ct.mydomain.com\sysvol\ct.mydomain.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain
2018 Nov 06
3
classicupgrade
Hai,
Ok, i expected a bit different outputs.
On my DC, i use /home/samba/sysvol and /home/samba/netlogon.
This is what i expected.
getfacl /home/samba/
getfacl: Removing leading '/' from absolute path names
# file: home/samba/
# owner: root
# group: BUILTIN\134administrators
user::rwx
user:root:rwx
group::rwx
group:BUILTIN\134administrators:rwx
2018 Nov 06
3
classicupgrade
Hello Luis
tomorrow i'm not in office, reply to you thursday
One question : who is owner and whats rights for dir
/home
/home/samba
/home/samba/sysvol
because, from windows client, user into domain admins, when i change in
security tab, explorer always crash
bye
Il 06/11/2018 17:16, L.P.H. van Belle via samba ha scritto:
> Ok, next,
>
> From a windows pc connect to
2015 Apr 30
10
FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
Please read the reported bug and bjorn answer.. which does not help any to a solution of fix, or explenation.
But the big question now is, does someone somewhere know what bjorn is talking about.
i did search for "gencache" but no go here..
just from old documentation.
https://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/tdb.html
gencache.tdb Generic caching database.
2017 Sep 29
3
user cannot access shares on new ad-dc
> On 29.09.2017 11:44 Rowland Penny wrote:
> Have you set up the libnss_winbind links, PAM and /etc/nsswitch.conf ?
Yes, I had modified two lines in /etc/nsswitch.conf:
passwd: files winbind
group: files winbind
No, I had not seen a pointer to libnss, but now did
ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib/i386-linux-gnu/
ln -s
2015 May 26
2
Problems with joining a second DC to AD
> Gesendet: Dienstag, 26. Mai 2015 um 13:31 Uhr
> Von: "Rowland Penny" <rowlandpenny at googlemail.com>
> An: "Stephan Mattecka" <ste-fun_s at gmx.de>
> Cc: samba at lists.samba.org
> Betreff: Re: Aw: Re: [Samba] [SAMBA] Problems with joining a second DC to AD
>
> On 26/05/15 10:42, Stephan Mattecka wrote:
> > Gesendet: Donnerstag, 21. Mai
2015 Apr 30
1
FW: [Bug 11241] different ids even when idmap.ldb copied. not abug..
On 30/04/15 09:09, L.P.H. van Belle wrote:
> ( sorry for mailing directly bjorn, but please have a look )
>
> I still think this is a bug..
>
> why not a bug:
> If i do assign a UID/GID to a user, then yes, this wil work fine.
> new users and groups sure.. but now im talking about the default domain groups..
>
> why a bug:
> User administrator and the domain groups
2014 Nov 01
3
DC2 denies access when saving through the Group Policy Management Console
Hello list,
I am not sure if this is a bug or known already but I will describe it. I have two domain controllers running on 4.1.12/sernet which are linked together. I am using unison for bidirectional sync for the sysvol directory as described on samba's wiki, although in my opinion the problem I will describe in the following has nothing to do with the sync process. The sync occurs every