samba-tool ntacl sysvolreset error
Mark Rutherford
mark at lowcountrybilling.com
Fri Aug 31 02:46:59 MDT 2012
Showing something similar but not quite the same:
set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_ACCESS_DENIED.
ERROR(runtime): uncaught exception - (-1073741790, 'Access denied')
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
line 160, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/ntacl.py",
line 180, in run
lp, use_ntvfs=use_ntvfs)
File
"/usr/local/samba/lib/python2.6/site-packages/samba/provision/__init__.py",
line 1446, in setsysvolacl
setntacl(lp,sysvol, SYSVOL_ACL, str(domainsid), use_ntvfs=use_ntvfs)
File "/usr/local/samba/lib/python2.6/site-packages/samba/ntacls.py",
line 108, in setntacl
smbd.set_nt_acl(file, security.SECINFO_OWNER |
security.SECINFO_GROUP | security.SECINFO_DACL, sd)
On 8/31/2012 3:41 AM, steve wrote:
> Hi
>
> I tried the new sysvolreset tool but got this error:
>
> samba-tool ntacl sysvolreset
> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER.
> ERROR(runtime): uncaught exception - (-1073741734,
> 'NT_STATUS_INVALID_OWNER')
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
> line 160, in _run
> return self.run(*args, **kwargs)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/ntacl.py",
> line 180, in run
> lp, use_ntvfs=use_ntvfs)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1458, in setsysvolacl
> set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp,
> use_ntvfs)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1397, in set_gpos_acl
> str(domainsid), use_ntvfs)
> File
> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/__init__.py",
> line 1364, in set_dir_acl
> setntacl(lp, path, acl, domsid, use_ntvfs=use_ntvfs)
> File "/usr/local/samba/lib/python2.7/site-packages/samba/ntacls.py",
> line 108, in setntacl
> smbd.set_nt_acl(file, security.SECINFO_OWNER |
> security.SECINFO_GROUP | security.SECINFO_DACL, sd)
>
> Here is the directory:
>
> hh1:/usr/local/samba/var/locks/sysvol # ls -l
> total 8
> drwxrwx---+ 4 2000010 wheel 4096 Aug 28 16:37 hh3.site
> hh1:/usr/local/samba/var/locks/sysvol # ls -l
> total 8
> drwxrwx---+ 4 Administrator wheel 4096 Aug 28 16:37 hh3.site
> hh1:/usr/local/samba/var/locks/sysvol # getfacl hh3.site
> # file: hh3.site
> # owner: Administrator
> # group: wheel
> user::rwx
> user:Administrator:rwx
> group::rwx
> group:wheel:rwx
> group:3000014:r-x
> group:3000018:rwx
> group:3000021:r-x
> mask::rwx
> other::---
>
> What are the groups 3000014, 3000018 and 3000021 supposed to map to? I
> suspect 3000018 to be Domain Admins but could anyone give me definite
> names from a working sysvol?
>
> Cheers,
> Steve
More information about the samba-technical
mailing list