[Samba] sysvolreset error '{Operation Failed} The requested operation was unsuccessful.'

Ing. Claudio Nicora claudio.nicora at gmail.com
Mon Jul 23 15:40:18 UTC 2018 

So there's no error on my side: I have no idmap lines in my smb.conf and 
since I can't add any I should live with the error/warning, right?

Is this error related to sysvolreset taking forever to run?
What about Louis/your script here 
https://github.com/thctlo/samba4/blob/master/samba-check-set-sysvol.sh ?
I know it's safer but... is it also faster? :)

Thanks again
Claudio

---
# cat /etc/samba/smb.conf
[global]
   bind interfaces only = Yes
   interfaces = lo eth_lan
   netbios name = SRVSAMBA2
   realm = SAMDOM.LOCAL
   server role = active directory domain controller
   server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, 
winbindd, ntp_signd, kcc, dnsupdate
   workgroup = SAMDOM
   ldap server require strong auth = no
   client ldap sasl wrapping = plain
   log level = 2 vfs:1
   log file = /var/log/samba/log.samba
   max log size = 10000

[netlogon]
   path = /var/lib/samba/sysvol/samdom.local/scripts
   read only = No

[sysvol]
   path = /var/lib/samba/sysvol
   read only = No
---

Il 23/07/2018 17:27, Rowland Penny via samba ha scritto:
> On Mon, 23 Jul 2018 17:17:07 +0200
> "Ing. Claudio Nicora" <claudio.nicora at gmail.com> wrote:
>
>> I've added a "print" in file
>> "/usr/lib/python2.7/dist-packages/samba/ntacls.py" just before the
>> line raising the error to log the (missing) file causing the error.
>> I've found I had an orphaned GPO: it was shown in RSAT but didn't
>> have any file in sysvol folder on both DCs.
>> Just removed it from AD (it was only a test GPO) and the error
>> disappeared.
>>
>> I've posted my smb.conf in a reply to Louis Van Belle, hope you can
>> see what's causing the lot of "idmap range not specified for domain
>> '*'" lines.
>>
> That's easy, it is a bug introduced at 4.6.0 (I think that was the
> version). You cannot do anything to stop them on a DC. People were
> not setting 'idmap config' correctly, so the error message was added.
> The only problem is, you cannot use the 'idmap config' lines on a DC,
> so you get the error message every time smb.conf is checked.
>
> Rowland
>   
>

More information about the samba mailing list