Samba4 MMC Write Support
tridge at samba.org
tridge at samba.org
Tue Jul 3 02:21:34 GMT 2007
Andrew,
> [SYSVOL] shouldn't be our private dir, but say /usr/local/samba/sysvol.
actually, I wonder if we shouldn't make [sysvol] point by default into
one of the standard directories (like where we place our long term tdb
databases). It should remain fairly small, and is really config
information, not user data.
> Perhaps just check the silly things - do the directories exist, and do
> you have access?
Here is a (very brief) howto:
1) you need to create the right directories. Run this command:
ldbsearch -H $PREFIX/private/sam.ldb objectClass=groupPolicyContainer gPCFileSysPath
That will point you at a UNC path with a GUID in it. You can edit
that path using ldbedit, or create a share to match that path.
Within that path you need to create subdirectories called Machine
and User.
2) use gpmc.msc and edit your policies, connected as administrator
3) use chmod -R to make the files and directories in that share
accessible for read by everyone. This shouldn't be necessary, and I
have a pending patch to fix this, but for now you'll need to do it
by hand.
4) login from a client, and see that the policies are obeyed. I
sometimes find it takes 2 logins before they apply on a client. I
don't know why yet.
Cheers, Tridge
More information about the samba-technical
mailing list