[Samba] Missing Policies folder after failure; how to recreate

Marc Muehlfeld mmuehlfeld at samba.org
Tue Jan 13 14:13:06 MST 2015

Am 13.01.2015 um 21:50 schrieb James:
> Have you tried to reset the permissions?
> samba-tool ntacl sysvolreset

If he lost folders, as he said, sysvolreset won't help. This command
wont recreate the sysvol content.

> On 1/13/2015 3:09 PM, "Gergely, Kaszás" wrote:
>> I need to recreate the default GPO-s (as in the
>> \SysVol\domain.of\Policies\ folder and subfolders) of my domain.
>> Trying to delete the old GPO-s I run into errors, both in the windows
>> mmc and on the dc with runing samba-tools as root.
>> ERROR(ldb): uncaught exception - LDAP error 50
>> LDAP_INSUFFICIENT_ACCESS_RIGHTS -  <dsdb_access: Access check failed
>> on
>> CN={97A64DB0-B51D-4A70-80A3-7F47483B0EB2},CN=Policies,CN=System,DC=domain,DC=of
>> > <>
>>   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
>> line 175, in _run

If you just lost your sysvol folder content, restore the files from your
backup or copy them from an additional DC in the domain + run
'samba-tool ntacl sysvolreset'.

If the security stuff inside the AD is messed up, too, I have no idea,
if you don't give more information and if we aren't allowed to ask to
find out what happened and what exactly is broken. ;-)


More information about the samba mailing list