[Samba] GPO Create error

Ryan Bair ryandbair at gmail.com
Mon Apr 21 15:30:13 MDT 2014


I have a domain that I upgraded from a Samba 3/LDAP set up about a year
ago. I haven't done anything too interesting with it and it's generally
been working OK.

I attempted to create a new GPO for my domain. From a Win 7 client I get an
error "This security ID may not be assigned as the owner of this object".

Thinking this was an issue with sysvol acls, I ran "samba-tool ntacl
sysvolcheck" which exploded with:
ERROR(<type 'exceptions.TypeError'>): uncaught exception - (61, 'No data
available')
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line
175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/ntacl.py", line
249, in run
    lp)
  File "/usr/lib64/python2.6/site-packages/samba/provision/__init__.py",
line 1686, in checksysvolacl
    fsacl = getntacl(lp, dir_path, direct_db_access=direct_db_access,
service=SYSVOL_SERVICE)
  File "/usr/lib64/python2.6/site-packages/samba/ntacls.py", line 73, in
getntacl
    xattr.XATTR_NTACL_NAME)

After reading some other peoples experiences I tried doing a sysvolrepair
which completed, but did not fix either of the issues.

I also tried creating the GPO with "samba-tool gpo create 'New GPO'" which
gave an error that smells similar to the error Win 7 GPO Management
reported:
ERROR(runtime): uncaught exception - (-1073741734,
'NT_STATUS_INVALID_OWNER')
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line
175, in _run
    return self.run(*args, **kwargs)
  File "/usr/lib64/python2.6/site-packages/samba/netcmd/gpo.py", line 1000,
in run
    conn.set_acl(sharepath, fs_sd, sio)

I'm running 4.1.6-SerNet-RedHat-7.el6 on Centos 6.5.

Any ideas where to look next?


More information about the samba mailing list