[Samba] Samba 4.2.14 GPO issue
Sébastien Le Ray
sebastien-samba at orniz.org
Sun Jul 24 07:56:45 UTC 2016
Hi,
Do you have any specific error message in Windows events log concerning GPO?
Regards
Le 24/07/2016 à 05:40, Min Wai Chan a écrit :
> Dear All,
> I've recently upgrade from samba 4.1.x to samba 4.2.14 and found that GPO
> are having issue
>
> Specifically when I'm adding new using they *never *got the gpupdate
> success fully.
>
> When I run samba-tool ntacl sysvolcheck or samba-tool ntacl sysvolreset
>
> But don't seem to got it fix..
>
> Any suggestion?
>
> Thank in advance.
>
> #samba-tool ntacl sysvolcheck
> Processing section "[netlogon]"
> Processing section "[sysvol]"
> Processing section "[dfs]"
> ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception -
> ProvisioningError: DB ACL on GPO directory /var/lib/samba/sysvol/
> kl01.amtb-m.org.my/Policies/{6AC1786C-016F-11D2-945F-00C04FB984F9}
> O:LAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)
> does not match expected value
> O:DAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)
> from GPO object
> File "/usr/lib64/python2.7/site-packages/samba/netcmd/__init__.py", line
> 175, in _run
> return self.run(*args, **kwargs)
> File "/usr/lib64/python2.7/site-packages/samba/netcmd/ntacl.py", line
> 249, in run
> lp)
> File "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 1730, in checksysvolacl
> direct_db_access)
> File "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 1681, in check_gpos_acl
> domainsid, direct_db_access)
> File "/usr/lib64/python2.7/site-packages/samba/provision/__init__.py",
> line 1628, in check_dir_acl
> raise ProvisioningError('%s ACL on GPO directory %s %s does not match
> expected value %s from GPO object' % (acl_type(direct_db_access), path,
> fsacl_sddl, acl))
>
> Regards,
> Min Wai
More information about the samba
mailing list