[Samba] Sysvol "incorrect parameter" on some new DC's
Adam Tauno Williams
awilliam at whitemice.org
Tue Aug 12 08:02:57 MDT 2014
I have a site with a working Samba4 AD domain with a single DC. It
works.
I've added three new DCs to the domain [using the SerNet packages for
4.0.21]. The intention is to then demote the old, original Samba4 DC.
But problems exist for netlogon/sysvol. One of the new DCs - the second
one added - works, clients can access netlogon & sysvol.
However the other two DCs have ACL errors on their sysvol & netlogon
volumes.
~> smbclient -U XXXXX -W XXXXXX \\\\DC4.example.com\\netlogon
Enter XXXXXX password:
Domain=[BACKBONE] OS=[Unix] Server=[Samba 4.0.21-SerNet-RedHat-7.el6]
smb: \> ls
NT_STATUS_INVALID_ACL listing \*
Windows 7 clients see a "The parameter is incorrect" message.
All three servers have sysvol contents that were rsync'd from the
original DC in the same manner.
On a DC where the sysvol does *not* work, the ntacl check seems to
complete without errors.
[root at HOST ~]# samba-tool ntacl sysvolreset
Please note that POSIX permissions have NOT been changed, only the
stored NT ACL
[root at HOST ~]# samba-tool ntacl sysvolcheck
--
Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383
Systems Administrator, Python Developer, LPI / NCLA
More information about the samba
mailing list