[Samba] Problems with samba-tool ntacl sysvol reset

Dirk Laurenz samba at laurenz.ws
Tue May 16 05:44:46 UTC 2017


Good moring,

i investigated last night in this issue and was able to solve it.

Short: Reason was a missing GPO file

======================

Long Version (how i think the failure occours)

I have 3 samba ad services (all raspberry pi's)

Because one pi crashed months ago (unreadable sd card) i move all roles from samba01 to samba02, demoted samba02 as bad dc and rejoined it as fresh install.

I have sysvol replication from samba01 to ..02 and 03 (one way via rsync - as described in your wiki)

So sysvol replication from 01 to 02 / 03 but pdc role on 02

Then i added a new GPO (with windows tool - which chooses the pdc...) and creates a gpo which is deleted via rsync

Samba-tool ntacl sysvolcheck then fails (a reference for a gpo in ldap, but none in filesystem)

========================

What did i do to fix it?

Move pdc role back to samba01 (and all other roles - via samba-tool fsmo)

Deleted the gpo - i added and recreated it - now it works

What would a suggest?

Samba-tool should be more specific - if this failure occurs, as it is user risen and not a samba bug - somehting like gpo file is missing or so...

In the long term - multi-master sysvol replication....

To answer your questions...

My build optiosn are:

./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --enable-fhs --with-systemd
Make
checkinstall make install


-----Ursprüngliche Nachricht-----
Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von Rowland Penny via samba
Gesendet: Montag, 15. Mai 2017 22:36
An: samba at lists.samba.org
Betreff: Re: [Samba] Problems with samba-tool ntacl sysvol reset

On Mon, 15 May 2017 22:02:30 +0200
"Dirk Laurenz" <samba at laurenz.ws> wrote:

> Any idea?
> 
> 
> 
> root at samba01:~# uname -a
> Linux samba01 4.9.14-v7+ #977 SMP Mon Mar 13 18:25:19 GMT 2017 armv7l 
> GNU/Linux
> 
> root at samba01:~# cat /etc/debian_version
> 8.7
> 
> root at samba01:~# samba -V
> Version 4.6.3

I take that you have built Samba yourself and you are using Bind9.
How did you build Samba, did you follow the Samba wiki or follow another webpage, if the later which one ?
What was your configure line ?
What filesystem are you using ?

Please post /etc/hosts, /etc/resolv.conf, /etc/hostname, /etc/krb5.conf and all your named.conf files.

Rowland

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba




More information about the samba mailing list