samba-tool ntacl sysvolreset error

Mark Rutherford mark at lowcountrybilling.com
Fri Aug 31 02:46:59 MDT 2012


Showing something similar but not quite the same:

set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
ERROR(runtime): uncaught exception - (-1073741790, 'Access denied')
   File 
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py", 
line 160, in _run
     return self.run(*args, **kwargs)
   File 
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/ntacl.py", 
line 180, in run
     lp, use_ntvfs=use_ntvfs)
   File 
"/usr/local/samba/lib/python2.6/site-packages/samba/provision/__init__.py", 
line 1446, in setsysvolacl
     setntacl(lp,sysvol, SYSVOL_ACL, str(domainsid), use_ntvfs=use_ntvfs)
   File "/usr/local/samba/lib/python2.6/site-packages/samba/ntacls.py", 
line 108, in setntacl
     smbd.set_nt_acl(file, security.SECINFO_OWNER | 
security.SECINFO_GROUP | security.SECINFO_DACL, sd)



On 8/31/2012 3:41 AM, steve wrote:
> Hi
>
> I tried the new sysvolreset tool but got this error:
>
> samba-tool ntacl sysvolreset
> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER.
> ERROR(runtime): uncaught exception - (-1073741734, 
> 'NT_STATUS_INVALID_OWNER')
>   File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", 
> line 160, in _run
>     return self.run(*args, **kwargs)
>   File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/ntacl.py", 
> line 180, in run
>     lp, use_ntvfs=use_ntvfs)
>   File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py", 
> line 1458, in setsysvolacl
>     set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp, 
> use_ntvfs)
>   File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py", 
> line 1397, in set_gpos_acl
>     str(domainsid), use_ntvfs)
>   File 
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py", 
> line 1364, in set_dir_acl
>     setntacl(lp, path, acl, domsid, use_ntvfs=use_ntvfs)
>   File "/usr/local/samba/lib/python2.7/site-packages/samba/ntacls.py", 
> line 108, in setntacl
>     smbd.set_nt_acl(file, security.SECINFO_OWNER | 
> security.SECINFO_GROUP | security.SECINFO_DACL, sd)
>
> Here is the directory:
>
> hh1:/usr/local/samba/var/locks/sysvol # ls -l
> total 8
> drwxrwx---+ 4 2000010 wheel 4096 Aug 28 16:37 hh3.site
> hh1:/usr/local/samba/var/locks/sysvol # ls -l
> total 8
> drwxrwx---+ 4 Administrator wheel 4096 Aug 28 16:37 hh3.site
> hh1:/usr/local/samba/var/locks/sysvol # getfacl hh3.site
> # file: hh3.site
> # owner: Administrator
> # group: wheel
> user::rwx
> user:Administrator:rwx
> group::rwx
> group:wheel:rwx
> group:3000014:r-x
> group:3000018:rwx
> group:3000021:r-x
> mask::rwx
> other::---
>
> What are the groups 3000014, 3000018 and 3000021 supposed to map to? I 
> suspect 3000018 to be Domain Admins but could anyone give me definite 
> names from a working sysvol?
>
> Cheers,
> Steve



More information about the samba-technical mailing list