[Samba] "Element not found" when connecting to sysvol

Wed Sep 18 15:28:54 MDT 2013

Future Googlers...

I noticed the problem was only occurring when I had both DCs turned on...so
a temporary fix is:

For your PDC (presumably with the FSMO role PDC Emulator) set to:

host msdfs = yes     # in global
msdfs root = yes  # in sysvol

For all of the other DCs:

host msdfs = no      # in global

-------------------------------------------------

It's more of a workaround than a solution, because you can only use dfs on
one DC...but at least group policy is working for me...

On Tue, Sep 17, 2013 at 1:19 PM, Alan Romans <aromans at ashlandhc.org> wrote:

> Even more info...
>
> *Broken Client,   **dfsutil /spcinfo*
> *
> *
> [*][bdc.ahc.pdc]
> [*][AHC]
> [*][ahc.pdc]
> [-][AHC]
> [-][ahc.pdc]
>
> Working Client,  *dfsutil /spcinfo*
> *
> *
> [*][bdc.ahc.pdc]
> [*][AHC]
> [*][ahc.pdc]
> [-][AHC]
> [+][ahc.pdc]
> [-RADIUS-STORAGE.ahc.pdc] AccessStatus: 0xc00000be
>  [+BDC.ahc.pdc] AccessStatus: 0
> [-PDC.ahc.pdc]
> *
> *
>
> --------------------------------------------------------------------------------------
>
>
> *
> *
>
>
>
> On Tue, Sep 17, 2013 at 12:58 PM, Alan Romans <aromans at ashlandhc.org>wrote:
>
>> I've found some more info...
>>
>> *Broken Client*
>> dfsutil /pktinfo
>>
>> 0 entries...
>>
>> *Working Client*
>> dfsutil /pktinfo
>>
>> 2 entries...
>> Entry: \ahc.pdc\netlogon
>> ShortEntry: \ahc.pdc\netlogon
>> Expires in 561 seconds
>> UseCount: 0 Type:0x1 ( DFS )
>>    0:[\RADIUS-STORAGE.ahc.pdc\netlogon] AccessStatus: 0xc00000cc (
>> TARGETSET )
>>    1:[\BDC.ahc.pdc\netlogon] AccessStatus: 0 ( ACTIVE )
>>    2:[\PDC.ahc.pdc\netlogon]
>>
>> Entry: \ahc.pdc\SysVol
>> ShortEntry: \ahc.pdc\SysVol
>> Expires in 189 seconds
>> UseCount: 14 Type:0x1 ( DFS )
>>    0:[\RADIUS-STORAGE.ahc.pdc\SysVol] AccessStatus: 0xc00000be (
>> TARGETSET )
>>    1:[\BDC.ahc.pdc\SysVol] AccessStatus: 0 ( ACTIVE )
>>    2:[\PDC.ahc.pdc\SysVol]
>>
>>
>>
>> On Tue, Sep 17, 2013 at 10:13 AM, Alan Romans <aromans at ashlandhc.org>wrote:
>>
>>> I have two samba DCs (4.0.9) and no Windows DCs, and group policy is
>>> failing.  I've narrowed it down to an error accessing the sysvol folder.
>>>
>>> Some clients (not all clients) get the error "Element not found" when
>>> connecting to our sysvol folder which is "\\ahc.pdc\sysvol\".  The problem
>>> seems to be intermittent, a client may suddenly start working again, or
>>> suddenly stop.
>>>
>>> However, when connecting to it using the domain controller name
>>> "\\BDC.ahc.pdc\sysvol\" it works 100% of the time.  Unfortunately, this
>>> isn't where clients look for group policy.
>>>
>>>  Some history with this domain that may/may not help...
>>>
>>> We had a DC die on us and we had to seize FSMO roles on BDC.ahc.pdc.  I
>>> had to manually edit some DNS entries to get this to work as well.
>>>
>>> I've also been trying to get SSO working with Openfire, so I've used
>>> setspn a number of times...
>>>
>>
>>
>