[Samba] Problems with sysvolcheck

L.P.H. van Belle belle at bazuin.nl
Mon May 22 06:39:32 UTC 2017 

Yes, 

This is a bug in samba-tools.
Just ignore it, dont use reset if you have made changes. 
Just set the needed rights and edit your GPO's.  

It wil work fine. 

Greetz, 

Louis

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Santiago Londoño Mejía via samba
> Verzonden: vrijdag 19 mei 2017 19:14
> Aan: Rowland Penny
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] Problems with sysvolcheck
> 
> Hello,
> ¿Any idea about this?
> 
> Best regards,
> 
> Santiago.
> 
> 
> 
> 2017-05-17 10:18 GMT-05:00, Santiago Londoño Mejía
> <santiago.londono at pragma.com.co>:
> > Hello,
> > After creating some GPOs Sysvolreset also fails
> >
> > ./samba-tool ntacl sysvolreset
> > open: error=2 (No such file or directory)
> > ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined
> > error')  File
> > 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/_
> _init__.py",
> > line 175, in _run    return self.run(*args, **kwargs)  File
> > 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/ntacl.py"
> > ,
> > line 239, in run
> >     lp, use_ntvfs=use_ntvfs)  File
> > 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provisio
> n/__init__.py",
> > line 1618, in setsysvolacl    set_gpos_acl(sysvol, dnsdomain,
> > domainsid, domaindn, samdb, lp, use_ntvfs, p
> > assdb=s4_passdb)
> >   File
> > 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__init
> > __.py",
> > line 1523, in set_gpos_acl
> >     passdb=passdb)  File
> > 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provisio
> n/__init__.
> > py", line 1486, in set_dir_acl    setntacl(lp, path, acl, domsid,
> > use_ntvfs=use_ntvfs, skip_invalid_chown=True , passdb=passdb, 
> > service=service)  File 
> > 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/ntacls.py", line
> > 16
> > 2, in setntacl    smbd.set_nt_acl(file, security.SECINFO_OWNER |
> > security.SECINFO_GROUP | security.SECINFO_DACL | 
> > security.SECINFO_SACL, sd, service=service) ¿any ideas?
> >
> > Best regards,
> >
> > Santiago.
> >
> >
> >
> >
> >
> > 2017-05-16 16:51 GMT-05:00, Santiago Londoño Mejía
> > <santiago.londono at pragma.com.co>:
> >> Hello,
> >> no, is principal dc.
> >> I have tried to create a policy but this does not apply and 
> >> sysvolcheck gives the same result.
> >>
> >> Best regards,
> >>
> >> Santiago.
> >>
> >>
> >>
> >> 2017-05-16 16:45 GMT-05:00, Rowland Penny via samba
> >> <samba at lists.samba.org>:
> >>> On Tue, 16 May 2017 16:31:37 -0500
> >>> Santiago Londoño Mejía <santiago.londono at pragma.com.co> wrote:
> >>>
> >>>> Hello,
> >>>> Thanks for your answer
> >>>> I have tried to alter the default policies but the error 
> persists 
> >>>> ./samba-tool ntacl sysvolreset
> >>>> open: error=2 (No such file or directory)
> >>>> ERROR(runtime): uncaught exception - (-1073741823, 'Undetermined
> >>>> error')  File
> >>>> 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/__init
> >>>> __.py", line 175, in _run return self.run(*args, **kwargs)  File 
> >>>> 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/netcmd/ntacl.
> >>>> py",
> >>>> l
> >>>> ine 239, in run    lp, use_ntvfs=use_ntvfs)  File
> >>>> 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provisio
> n/__init__.py",
> >>>> line 1618, in setsysvolacl    set_gpos_acl(sysvol, dnsdomain,
> >>>> domainsid, domaindn, samdb, lp, use_ntvfs, 
> passdb=s4_passdb)  File 
> >>>> 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provision/__i
> >>>> nit__.py",
> >>>> line 1523, in set_gpos_acl
> >>>>     passdb=passdb)  File
> >>>> 
> "/usr/local/samba/lib64/python2.7/site-packages/samba/provisio
> n/__init__.
> >>>> py", line 1486, in set_dir_acl
> >>>>     setntacl(lp, path, acl, domsid, use_ntvfs=use_ntvfs, 
> >>>> skip_invalid_chown=True, passdb=passdb, service=service)
> >>>>   File
> >>>> "/usr/local/samba/lib64/python2.7/site-packages/samba/ntacls.py",
> >>>> line 162, in setntacl smbd.set_nt_acl(file, 
> security.SECINFO_OWNER 
> >>>> | security.SECINFO_GROUP | security.SECINFO_DACL | 
> >>>> security.SECINFO_SACL, sd, service=service)
> >>>>
> >>>
> >>> Is this a second DC ?
> >>> If so then sysvol isn't fully created during the join, 
> you will need 
> >>> to copy the missing directories from the first DC, you will also 
> >>> need to sync idmap.ldb between the DCS.
> >>>
> >>> You do not add to the default policies, you must create new GPOs
> >>>
> >>> Rowland
> >>>
> >>>
> >>> --
> >>> To unsubscribe from this list go to the following URL and read the
> >>> instructions:  https://lists.samba.org/mailman/options/samba
> >>>
> >>
> >>
> >> --
> >> Santiago Londoño Mejía
> >> Analista de Infraestructura
> >> t. (574) 605 25 23 ext. 1232
> >> m. (57) 3148332567
> >> Medellín | Carrera 50  C #10 Sur  80
> >> Bogotá | Medellín | Cali
> >> www.pragma.com.co
> >>
> >
> >
> > --
> > Santiago Londoño Mejía
> > Analista de Infraestructura
> > t. (574) 605 25 23 ext. 1232
> > m. (57) 3148332567
> > Medellín | Carrera 50  C #10 Sur  80
> > Bogotá | Medellín | Cali
> > www.pragma.com.co
> >
> 
> 
> --
> Santiago Londoño Mejía
> Analista de Infraestructura
> t. (574) 605 25 23 ext. 1232
> m. (57) 3148332567
> Medellín | Carrera 50  C #10 Sur  80
> Bogotá | Medellín | Cali
> www.pragma.com.co
> 
> -- 
> 
> 
> Este mensaje es confidencial. Puede contener información 
> privilegiada que pertenece a PRAGMA S.A. y/o a sus clientes, 
> contratistas, directores, empleados y asesores, por tanto no 
> debe ser usado ni divulgado por personas distintas a su 
> destinatario. Si obtiene este mensaje por error, equivocación 
> u omisión, por favor bórrelo y avise al remitente.
> 
> Está prohibida su retención, grabación, utilización o 
> divulgación con cualquier propósito.
> 
> Este mensaje ha sido sometido a programas antivirus. No 
> obstante, PRAGMA S.A. no asume ninguna responsabilidad por 
> eventuales daños generados por el recibo y uso de este 
> material, siendo responsabilidad del destinatario verificar 
> con sus propios medios la existencia de virus u otros defectos.
> 
> Las opiniones, conclusiones y otra información contenida en 
> este correo no relacionadas con el negocio oficial de PRAGMA 
> S.A., deben entenderse como personales y de ninguna manera 
> son avaladas por la Compañía.
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list