[Samba] Policies for AD clients (still poledit only ?).

Wed Oct 21 11:32:09 UTC 2020

You have to upload the GP templates into the appropriate Sysvol
subdirectory on the Samba DC and mmc/gpedit will get them from there.

That is \\<yourdc>\sysvol\<yourdomain>\Policies\PolicyDefinitions ,
100's of .admx files and language-specific subdirectories with as many
.adml files.

You can download the templates for the various products (Windows 10
versions, Office versions etc.) from Microsoft.

Make sure that you point the GP editor at that DC from where sysvol gets
synchronized to other DCs (and upload the templates to that same DC).

regards,
Norbert

On 21.10.2020 11:44, Peter Boos via samba wrote:
> So only for old NT4 style PDC - BDC environment one needs poledit.
>
> While AD's (with virtual pdc role servers) can use the MMC.
>
> We got a pure Samba AD environment and thus it should work.
> Be it that we might not have all mmc templates (not yet checked that).
>
> Thanks Viktor.
>
>
>
> -----Original message-----
> From: Viktor Trojanovic <viktor at troja.ch>
> Sent: Wednesday 21st October 2020 11:14
> To: Peter Boos <peter.boos at quest-innovations.com>; samba at lists.samba.org
> Subject: Re: [Samba] Policies for AD clients (still poledit only ?).
>
> In the article you provided you'll find the following paragraph:
>
> :::
> Currently Samba, the Free Software SMB Server, does not implement Active Directory functionality when using it as a Primary Domain Controller. If you deploy any Samba PDCs you will want to master System Policies using the SPE. So this article will cover the basics of Microsoft's older System Policy Editor, how to obtain it, use it and implement it's policies.
> :::
>
> So this is specifically not about an AD setup and therefore not relevant for you IMHO.
>
> Viktor
>
> On October 21, 2020 10:32:32 Peter Boos via samba <samba at lists.samba.org> wrote:
>
> I'm creating a deploy plan, for strict client policies (to comply to ISO standards and security)
> For mixed win 7 enterprise and win 10 enterprise on a Samba Active Directory.
>
> On the lookout if Samba would be any different towards client policies.
> I did some googling, and got pointed to old samba articles of 2007:
>
>     https://wiki.samba.org/index.php/Implementing_System_Policies_with_Samba
>
> Saying that samba allows only for poledit.exe (not the mmc variants?)
> Is this still the case ?
> And why?, as there is a policy editor mmc on a win 10 pro client.
> And even non win 10 pro clients have ways to get it.
>
>
>
>
>
>
>
> -----Original message-----
> From: samba-request at lists.samba.org <samba-request at lists.samba.org>
> Sent: Tuesday 20th October 2020 14:00
> To: samba at lists.samba.org
> Subject: samba Digest, Vol 214, Issue 19
>
> Send samba mailing list submissions to
> samba at lists.samba.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.samba.org/mailman/listinfo/samba
> or, via email, send a message with subject or body 'help' to
> samba-request at lists.samba.org
>
> You can reach the person managing the list at
> samba-owner at lists.samba.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of samba digest..."
> Today's Topics:
>
> 1. Re: Samba AD with multiple DC and multiple NICs (Rowland penny)
> 2. DNS Records (Nico B)
> 3. Re: DNS Records (Rowland penny)
> 4. Re: DNS Records (Jon Gerdes)
> 5. Re: Samba AD with multiple DC and multiple NICs (Stefano Vargiu)
> 6. Re: Samba AD with multiple DC and multiple NICs (Stefano Vargiu)
> 7. Replication issues / local DRS authentication failure
> (Derek Lambert)
> 8. Re: Replication issues / local DRS authentication failure
> (Rowland penny)
> 9. Re: Replication issues / local DRS authentication failure
> (Rowland penny)
> _______________________________________________
> samba mailing list
> samba at lists.samba.org
> https://lists.samba.org/mailman/listinfo/samba
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba