[Samba] Samba-tool gpo manage - The authenticated user does not have sufficient privileges
David Mulder
dmulder at samba.org
Thu Apr 18 16:05:39 UTC 2024
On 4/18/24 8:07 AM, Rowland Penny via samba wrote:
> OK, After reading the commands help, I created a simple script and ran
> the command like this:
>
> adminuser at tmpdc1:~ $ sudo samba-tool gpo manage scripts startup add {31B2F340-016D-11D2-945F-00C04FB984F9} test_script.sh -Uadministrator
There is no reason to run this command as root. It operates via SMB, not
on local files.
> After being prompted for the Administrator password, the command
> appeared to complete without error.
>
> However, I couldn't find the script in sysvol on the DC I ran the
> command on, but after checking the other two DCs, I found this:
>
> adminuser at rpidc2:~ $ sudo cat /var/lib/samba/sysvol/samdom.example.com/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/VGP/VTLA/Unix/Scripts/Startup/test_script.sh
> #!/bin/bash
>
> echo "Hello World"
>
> exit 0
>
> I have no idea why the script was created on another DC instead of the
> DC the command was run on, the DC uses itself for its nameserver.
We've had this discussion before. This command does not run on the
current host, it contacts *one of the DCs* and sets it there. It should
then be replicated to the others.
--
David Mulder
Labs Software Engineer, Samba
SUSE
1221 S Valley Grove Way, Suite 500
Pleasant Grove, UT 84062
(P)+1 385.208.2989
dmulder at suse.com
http://www.suse.com
More information about the samba
mailing list