[Samba] Group Policies are not applied

[L.P.H. van Belle]

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Pisch Tamás via
> samba
> Verzonden: dinsdag 13 april 2021 9:05
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Group Policies are not applied
> 
> > CMD : ipconfig /all
> > Check dns-suffix and primary domain suffix..
> ad.ourdomain.hu: thats ok.
> 
> > What is windows event ID telling?
> 1053 and 1055. Windows cannot resolve user/computer name.
> > And, did you test with the firewall off.. of not at least try it.
> Unfortunately not. It let in the vpn traffic, and it has several other
> important rules. As I see, traffic between dc2 and the client Win10 is
> not filtered. dc2 runs on a Windows 2008 hypervisor. I'm going to move
> it to Vmware in 1-2 days, because I've read an article about that
> Windows 2008 has a network problem what could cause similar problem
> (yes, Windows 2008 is too old, but I inherited that environment).

Ah, 1053 and 1055 .. well 

If its RoadWarrior setup, you can try this

Add-VpnConnection -Name "VpnConnectionNAME" -ServerAddress "vpn.domain.tld " -TunnelType "IKEv2" -AuthenticationMethod EAP -SplitTunneling -DnsSuffix " ad.ourdomain.hu" -AllUserConnection

Add-VpnConnectionRoute -ConnectionName " VpnConnectionNAME" -DestinationPrefix "IP_RANGE_LAN_BEHIND_VPN" -PassThru -AllUserConnection

Add-VpnConnectionRoute " VpnConnectionNAME" ::/1 -AllUserConnection
Add-VpnConnectionRoute " VpnConnectionNAME" 8000::/1 -AllUserConnection

In above case, VPN clients gets DNS through DHCP server from lan. 
above worked for me. 

in addition, read this. 
http://woshub.com/dns-resolution-via-vpn-not-working-windows/ 

If its a LAN2LAN, most should work, i have that here.
my remote PC's just login at main office, 
you can try and set the DNS and dns domain in the ip settings 
If the VPN tunnel isnt restricted that should work. 
But there is more going on in the Windows 10 setups, thats first to make sure its all ok. 


Greetz, 

Louis