[Samba] sysvol permissions

L.P.H. van Belle belle at bazuin.nl
Thu Sep 17 11:09:12 UTC 2015 

And rowland, 

Am "maybe" good addition to your modified backup script. 

Adding something like : 
getfacl -R /path2/sysvol > sysvol.permissions.acl

(and a restore option) 
setfacl --restore=sysvol.permissions.acl

Greetz, 

Louis


> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens L.P.H. van Belle
> Verzonden: donderdag 17 september 2015 13:00
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] sysvol permissions
> 
> You have 2 DC's i see.
> 
> You do you sync your sysvol?
> 
> 
> 
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens mourik jan
> > heupink
> > Verzonden: donderdag 17 september 2015 12:54
> > Aan: samba at lists.samba.org
> > Onderwerp: Re: [Samba] sysvol permissions
> >
> > Hi Rowland and Louis, list,
> >
> > I now (after deleting en restoring the problem-gpo directory) seem to
> > have a more serious error on that dc:
> >
> > > root at DC2:~# samba-tool ntacl sysvolcheck
> > > ERROR(<type 'exceptions.TypeError'>): uncaught exception - (61, 'No
> data
> > available')
> > >   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py",
> line
> > 175, in _run
> > >     return self.run(*args, **kwargs)
> > >   File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line
> > 249, in run
> > >     lp)
> > >   File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py",
> > line 1726, in checksysvolacl
> > >     direct_db_access)
> > >   File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py",
> > line 1677, in check_gpos_acl
> > >     domainsid, direct_db_access)
> > >   File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py",
> > line 1621, in check_dir_acl
> > >     fsacl = getntacl(lp, path, direct_db_access=direct_db_access,
> > service=SYSVOL_SERVICE)
> > >   File "/usr/lib/python2.7/dist-packages/samba/ntacls.py", line 73, in
> > getntacl
> > >     xattr.XATTR_NTACL_NAME)
> > > root at DC2:~#
> >
> > Has anyone seen this?
> >
> > It seems most (or perhaps all) of my GPO's are still working. (one is
> > not working, and that is why I started looking at this in the first
> place)
> >
> > MJ
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> 
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list