[Samba] GPOs: only Default Domain Policy is being applied, ohers are ignored
Miguel Medalha
medalist at sapo.pt
Fri Jun 24 15:32:03 UTC 2016
I recently discovered that only the Default Domain Policy is being applied.
All other GPOs seem to be ignored. All Sysvol filesystem objects have the
right permissions. Both DCs are running Samba 4.4.3 over CentOS 7. There are
no related errors in logs or Windows Event Viewer. Other policies did work
before. I noticed that the corresponding filesystem objects were lastly
placed on usersÂ’ desktops four days go.
[global]
workgroup = MYDOMAIN
realm = MYREALM
netbios name = MYSERVER
server role = active directory domain controller
dns forwarder = 10.0.0.254
wins support = yes
domain master =yes
preferred master = yes
local master = yes
ntlm auth = no
client ipc signing = mandatory
server min protocol = SMB2_10
server max protocol = SMB3_11
client min protocol = SMB2_10
client max protocol = SMB3_11
client ipc min protocol = SMB2_10
client ipc max protocol = SMB3_11
strict sync = yes
store dos attributes = yes
map acl inherit = yes
admin users = @"CIMBAL\Domain Admins"
[netlogon]
path = /usr/local/samba/var/sysvol/mydomain/scripts
read only = no
browsable = no
vfs objects = acl_xattr dfs_samba4
[sysvol]
path = /usr/local/samba/var/sysvol
read only = no
browsable = no
vfs objects = acl_xattr dfs_samba4
More information about the samba
mailing list