[Samba] samba-tool gpo aclcheck error
Marc Muehlfeld
samba at marc-muehlfeld.de
Wed Dec 11 00:01:12 MST 2013
Hello David,
Am 11.12.2013 02:15, schrieb David Minard:
> samba-tool gpo aclcheck
>
> ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element'
> File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, in _run
> return self.run(*args, **kwargs)
> File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/gpo.py", line 1150, in run
> ds_sd_ndr = m['nTSecurityDescriptor'][0]
https://bugzilla.samba.org/show_bug.cgi?id=9922
Do your GPOs work correct and you simply want to check the ACLs? Or are
there any problems?
I tried the command in my 4.1.0 test environment and 4.1.2 production.
There the command works (at least I don't get this error, but see an
invalid ACL, but it is the same on production and test environment):
# samba-tool gpo aclcheck
ERROR: Invalid GPO ACL
O:DAG:DAD:(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001200a9;;;ED)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001f01ff;;;SY)(A;OICI;;;;WD)(A;;0x001f01ff;;;DA)(A;OICIIO;0x001f01ff;;;CO)(A;OICIIO;;;;CG)
on path
(samdom.example.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}),
should be
O:DAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)
Can you switch to 4.1?
Regards,
Marc
More information about the samba
mailing list