[Samba] Access Denied to Netlogon Share on secondary DC
Dirk Laurenz
samba at laurenz.ws
Mon May 4 21:18:02 UTC 2020
Hello Andrew,
i use the rsync script from the wiki....
crontabl -l
*/5 * * * * rsync -XAavz --delete-after
--password-file=/etc/samba/rsync-sysvol.secret
rsync://sysvol-replication@dc01.samba.laurenz.ws/SysVol
/var/lib/samba/sysvol/
-----Ursprüngliche Nachricht-----
Von: samba <samba-bounces at lists.samba.org> Im Auftrag von Andrew Bartlett
via samba
Gesendet: Montag, 4. Mai 2020 23:10
An: Dirk Laurenz <samba at laurenz.ws>; samba at lists.samba.org
Betreff: Re: [Samba] Access Denied to Netlogon Share on secondary DC
On Mon, 2020-05-04 at 22:24 +0200, Dirk Laurenz via samba wrote:
> Hello $list,
>
>
>
> i can't access the netlogon share on the second dc. I got this error:
>
>
>
> Mai 04 22:13:53 dc02 smbd[3321]: [2020/05/04 22:13:53.035964, 0]
> ../../source3/smbd/uid.c:448(change_to_user_internal)
>
> Mai 04 22:13:53 dc02 smbd[3321]: change_to_user_internal:
> chdir_current_service() failed!
>
>
>
> I checked the rights which are identically on both nodes. Accessing as
> admin works but not as user.
>
> I'm a little bit lost..
>
How are you syncronising the netlogon share? You need to ensure the NT
ACLs are reset on the new DC, see 'samba-tool ntacl sysvolreset',
particularly if the idmap is not the same on both.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list