[Samba] Problems in applying GPO and DNS domain name resolution issues
raghav at exzatechconsulting.com
Wed May 24 03:39:26 UTC 2017
We are using Samba AD 4.6.3 and built it from source on CentOS 7. The
DNS back end is BIND 9.9.4
Initially all replications were working fine and all group policies were
All of a sudden, we are finding that GPO applying process is erratic.
Sometime it applies and sometimes not. We have edited the Default Policy
using Windows RAST tool.
Thinking that ACLs on "Sysvol" are incorrect, we reset the SYSVOL using
"samba-tool ntacl sysvolrest" command. The problems are persisting. Many
client workstations, do not get the policies.
The DNS,when queried for domain name throws up the domain controller
address randomly. That is we have 3 Domain controllers and two of them
are turned off for confirming whether there is any network issues. DNS
randomly throws up the domain controller details that are turned off and
the client workstation reports, cannot find the domain controller.
Now our questions are:
a. Why the policy deployment is erratic? and
b. Is there a manner in which we can set the Domain Controller
priorities in DNS?
Await some guidance.
Thanks & Regards,
This e-mail communication and any attachments may be privileged and
confidential to eXza Technology Consulting & Services, and are intended
only for the use of the recipients named above If you are not the
addressee you may not copy, forward, disclose or use any part of it. If
you have received this message in error, please delete it and all copies
from your system and notify the sender immediately by return e-mail.
Internet communications cannot be guaranteed to be timely, secure, error
or virus-free. The sender does not accept liability for any errors or
Do not print this e-mail unless required. Save Paper & trees.
More information about the samba