[Samba] GPO issues - getting SYSVOL cleaned up again

L.P.H. van Belle belle at bazuin.nl
Wed Jul 31 09:45:13 UTC 2019


> Am 31.07.19 um 10:47 schrieb L.P.H. van Belle via samba:
> > I pointed to that link becuase of the last message. 
> >>> The OU the users were in required read permissions on the 
> Authenticated Users security group! 
> > Im guyessing this is what your problem is, i just dont know 
> where in your AD. 
> OK, that might be the case.
> So the step is "add/check ACLs on the SYSVOL-share for the OU of the
> users" ?
> Observation right now:
> on the W2008R2 server the GPOs apply now!
> on a w10 (per RDP) not
Im guessing your missing something like this. 

Quote from site http://www.mustbegeek.com/how-to-enable-gpo-loopback-processing/ 

GPO loopback processing is a mechanism that allows user policy to takes effect only on certain computers.

Normally, user policy is linked to the user OU and will be applied regardless of which computer the user is signed in. 
However in this case, user policy is linked to the computer OU and will not takes effect to the user when signed in to computers outside this OU

> -
> I definitely don't have the latest ADMX-files up on the DCs ...
> hesitating not to break more stuff

Just backup the complete sysvol folder, and put the latest ADMX in the sysvol. 



More information about the samba mailing list