Samba-4.0-rc2 samba-tool ntacl sysvolreset

Gémes Géza geza at
Mon Oct 8 13:05:59 MDT 2012

2012-10-08 03:09 keltezéssel, Andrew Bartlett írta:
> On Sun, 2012-10-07 at 17:17 +0200, Gémes Géza wrote:
>> 2012-10-07 06:57 keltezéssel, Andrew Bartlett írta:
>>> On Sun, 2012-10-07 at 06:40 +0200, Gémes Géza wrote:
>>>> 2012-10-07 02:12 keltezéssel, Andrew Bartlett írta:
>>>>> On Sat, 2012-10-06 at 17:51 +0200, Gémes Géza wrote:
>>>>>> Hi,
>>>>>> My saga with RC2 continues :-)
>>>>>> I have successfully joined a new RC2 install to my old beta6-GIT-4631723
>>>>>> domain (from classicupgrade)
>>>>>> The rc2 works fine this time. Except one minor (or not so) problem:
>>>>>> I've copied (the tar-ed version) of the sysvol folder from the old
>>>>>> install (deliberately chose to drop acls at the origin)
>>>>>> then I ran samba-tool ntacl sysvolreset on the RC2 install, which gave:
>>>>>> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER.
>>>>>> ERROR(runtime): uncaught exception - (-1073741734,
>>>>> Can you please try this patch?
>>>>> This is my current proposal to work around this situation - we just
>>>>> don't change the posix owner of the file in this case.
>>>>> (I might evolve this patch to have it manually chown the files to root,
>>>>> but it won't go via this failing codepath)
>>>>> Andrew Bartlett
>>>> Hi,
>>>> Unfortunately the (from master, the patch doesn't apply to RC2)
>>>> with the patch applied fails on RC2 with:
>>>> samba-tool ntacl sysvolreset yields:
>>>> ERROR(<type 'exceptions.AttributeError'>): uncaught exception -
>>>> 'NoneType' object has no attribute 'sid_to_id'
>>>>      File
>>>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/",
>>>> line 168, in _run
>>>>        return*args, **kwargs)
>>>>      File
>>>> "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/",
>>>> line 214, in run
>>>>        lp, use_ntvfs=use_ntvfs)
>>>>      File
>>>> "/usr/local/samba/lib/python2.7/site-packages/samba/provision/",
>>>> line 1450, in setsysvolacl
>>>>        setntacl(lp,sysvol, SYSVOL_ACL, str(domainsid), use_ntvfs=use_ntvfs)
>>>>      File "/usr/local/samba/lib/python2.7/site-packages/samba/",
>>>> line 90, in setntacl
>>>>        (owner_id, owner_type) = passdb.sid_to_id(sd.owner_sid)
>>> As far as I can tell, you don't have my patch correctly applied, as
>>> those line numbers don't line up with current master+my patch.
>>> Andrew Bartlett
>> Hi,
>> With your patch applied to master I was able to successfully reset the
>> sysvol acls (I've backed up (with samba_backup) the RC2 production
>> server and copied the resulting archives to a recently (today) built
>> testdomain).
> A modified version of that patch is in autobuild.  It seems the smallest
> change that will allow us to get past this issue for now.
> Can you confirm that GPOs behave as expected with this change, including
> editing etc?
> Thanks,
> Andrew Bartlett

Unfortunately I couldn't test the GPO behavior yet, because I wasn't 
able to join any Windows (virtual) machine to my (master based) 
testdomain. I'm going to investigate the causes (I have a plenty of 
failed to bind to uuid .... NT_STATUS_UNSUCCESFULL messages in the logs).


Geza Gemes

More information about the samba-technical mailing list