[Samba] Syncing sysvol -> samba-tool ntacl sysvolreset?

Rowland penny rpenny at samba.org
Thu Jul 18 13:26:48 UTC 2019

On 18/07/2019 14:11, Jonathan Hunter via samba wrote:
> On Wed, 17 Jul 2019 at 17:58, Rowland penny via samba
> <samba at lists.samba.org> wrote:
>> On 17/07/2019 17:43, Kris Lou via samba wrote:
>>> I had thought that the conventional wisdom was that ntacl sysvolreset
>>> should be mostly avoided once relative stability achieved and additional
>>> GPO's created.
>>> https://wiki.samba.org/index.php/Sysvolreset
>>> Has this changed recently?
>> Well, to my knowledge, the problem hasn't been fixed yet, but then
>> again, it might have been as a side affect of other fixes. There doesn't
>> seem to have been many 'sysvolreset doesn't work' reports recently,
>> whether this is because it has been fixed or because people just aren't
>> using it, I do not know ;-)
> I'm an infrequent poster to this list (mostly because I tend to dip in
> and out, I often go weeks/months without checking my gmail) but I saw
> this and it caught my eye :)
> For me, at least, "ntacl sysvolreset" is definitely broken and has
> been for the last few years. It's on my list of things I really need
> to fix as soon as possible, but I just haven't had enough tuits -
> probably because as Rowland says, there hasn't been much discussion of
> any breakage and therefore I assume it works for other people. In my
> case, it's definitely not working :)
> I'm following these bugs in bugzilla:
> https://bugzilla.samba.org/show_bug.cgi?id=12363
> https://bugzilla.samba.org/show_bug.cgi?id=12924
> and right now I just tried sysvolreset (I'm running 4.10.6) and got:
> set_nt_acl_conn: init_files_struct failed: NT_STATUS_OBJECT_NAME_NOT_FOUND
> ERROR(runtime): uncaught exception - (3221225524, 'The object name is
> not found.')
>    File "/usr/local/samba/lib/python3.4/site-packages/samba/netcmd/__init__.py",
> line 185, in _run
>      return self.run(*args, **kwargs)
>    File "/usr/local/samba/lib/python3.4/site-packages/samba/netcmd/ntacl.py",
> line 283, in run
>      lp, use_ntvfs=use_ntvfs)
>    File "/usr/local/samba/lib/python3.4/site-packages/samba/provision/__init__.py",
> line 1742, in setsysvolacl
>      set_gpos_acl(sysvol, dnsdomain, domainsid, domaindn, samdb, lp,
> use_ntvfs, passdb=s4_passdb)
>    File "/usr/local/samba/lib/python3.4/site-packages/samba/provision/__init__.py",
> line 1636, in set_gpos_acl
>      passdb=passdb)
>    File "/usr/local/samba/lib/python3.4/site-packages/samba/provision/__init__.py",
> line 1599, in set_dir_acl
>      setntacl(lp, path, acl, domsid, use_ntvfs=use_ntvfs,
> skip_invalid_chown=True, passdb=passdb, service=service)
>    File "/usr/local/samba/lib/python3.4/site-packages/samba/ntacls.py",
> line 232, in setntacl
>      service=service, session_info=session_info)
> HTH!
> J
I reported this as a bug back in 2017: 

There has been only one response to it, from someone called 'Jonathan 
Hunter' ;-)

The main problem with Sysvol on Samba is that it has NEVER used the same 
permissions that Windows does. I tried to fix this and turned up the 
problem that bug 12924 is all about. I cannot write 'C' code, so someone 
else will have to fix this.


More information about the samba mailing list