GPO Get Inheritance Clarification
Rowland penny
rpenny at samba.org
Sun Aug 2 10:31:07 UTC 2020
On 02/08/2020 11:07, hezekiah maina via samba-technical wrote:
> I'm working on Group Policy Object management as part of the GSoC project.
> One of the commands I have come across is the samba-tool gpo
> getinheritance <container_dn>.
>
> I have obtained the containers using:
> samba-tool gpo listcontainers {6AC1786C-016F-11D2-945F-00C04FB984F9}
> (the last part being the gpo I'm obtaining containers for)
> and the result was the following:
> Container(s) using GPO 6AC1786C-016F-11D2-945F-00C04FB984F9
> DN: OU=Domain Controllers,DC=samdom,DC=example,DC=com
>
> What should I pass in as my container in the get inheritance command?
The output of this search:
ldbsearch --cross-ncs -H ldap://dc01 -P -b "CN=Policies,CN=System,$(echo
"dc=$(hostname -d)" | sed 's/\./,dc=/g')" -s sub
'(&(objectClass=groupPolicyContainer)(name='{6AC1786C-016F-11D2-945F-00C04FB984F9}'))'
dn | grep 'dn:' | sed 's/dn: //'
Replace 'dc01' with the short hostname of your DC.
By the way, the policy GUID is for one of the default policies, you
shouldn't modify the default policies ;-)
Rowland
More information about the samba-technical
mailing list