[Samba] Can't use samba-tool gpo restore command

Csorba Róbert csorbarobert at darabanth.com
Wed Jul 8 13:26:38 UTC 2020


Hi,

After I successfully dumped the GPO policies on my working domain 
controller I would like to reuse it on a different domain server, but 
when I use the following command:

samba-tool gpo restore B59E0B93-8226-40CA-A5C8-58A7AA1D139E 
/var/tmp/samba_gpo/policy/\{B59E0B93-8226-40CA-A5C8-58A7AA1D139E\}

I got this error message:

Using temporary directory /tmp/tmpo7huf4c0 (use --tmpdir to change)
ERROR(ldb): uncaught exception - LDAP error 50 
LDAP_INSUFFICIENT_ACCESS_RIGHTS -  <acl: unable to get access to 
CN={76FFB9E4-B557-433E-B105-7F5C36AE54C1},CN=Policies,CN=System,DC=teszt,DC=darabanth,DC=pro
 > <>
   File "/usr/lib64/python3.6/site-packages/samba/netcmd/__init__.py", 
line 186, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib64/python3.6/site-packages/samba/netcmd/gpo.py", line 
1417, in run
     credopts, versionopts)
   File "/usr/lib64/python3.6/site-packages/samba/netcmd/gpo.py", line 
1239, in run

Do you have any idea what cause the problem or I use the command 
incorrectly?

I have already checked the offical site -> 
https://wiki.samba.org/index.php/GPO_Backup_and_Restore

My system details:

- Tranquil IT's repo

- Samba version 4.11.9

- CentOS Linux release 7.8.2003 (Core)


Yours Sincerely

Robert Csorba



More information about the samba mailing list