[Samba] GPO apply fails after rsync of SysVol.
andrew.barlow at gmail.com
Thu Sep 5 10:44:25 UTC 2019
I've got an interesting problem; I have a multi AD-DC setup using Samba 4.
They're using the rsync method to replicate SysVol as per the docs here:
If I create a new GPO on the main DC, it replicates just fine to the second
DC. However, when a client tries to apply those policies ("gpupdate /force"
on the client), I get an error saying the policy cannot be read. However,
if I run "samba-tool ntacl sysvolreset" on the second DC, the GPO then
I've checked using "getfacl" on the sysvol directory and its contents are
identical to the main DC.
Does anyone know if its harmful just to run "samba-tool ntacl sysvolreset"
after every rsync to the second DC? Or if this issue is well known at all?
Thanks in advance.
More information about the samba