[Samba] Group Policies are not applied
L.P.H. van Belle
belle at bazuin.nl
Fri Mar 19 10:57:34 UTC 2021
On both DC's run the debugscript.
and diff them.
https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh
And your sure there is nothing blocking needed ports in/on the vpn (tunnels)
greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Pisch Tamás via
> samba
> Verzonden: vrijdag 19 maart 2021 11:48
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Group Policies are not applied
>
> Hi,
>
> I tried to solve the problem, but without success. I googled, tried out
> things.
> I give some additional info.
> dc1 is a guest on an xcpng hypervisor (site1). dc2 is a guest on a Windows
> 2008 R2 Hyper-V (site2, default). I connect to the domain through VPN.
> The replication between the servers is ok.
> I can ping the dcs. As I said, I can join to the AD, and can log in as a
> domain user.
> nslookup ad.ourdomain.hu
> Server: Unknown
> Address: 172.18.255.196
> Name: ad.ourdomain.hu
> Address: 172.18.255.196
> 172.17.253.253
> nltest /query
> Flags: 0
> Connection Status = 1311 0x51f ERROR_NO_LOGON_SERVERS
> I tried to rejoin the client (disjoin; on dc: samba-tool computer delete
> testcomputer\$;on client: join), but the situation is the same.
> Any idea, what could cause that, and what can I do with it?
>
> Regards,
>
> Tamas Pisch.
>
>
>
> Pisch Tamás <pischta at gmail.com> ezt írta (id??pont: 2021. márc. 16., K,
> 15:53):
>
> > Hi,
> >
> > I set up a policy as test. When I run
> > gpupdate /force
> > on a Windows 10 client, I get error messages:
> > -Group policy processing was unsuccessful. Windows cannot resolve
> computer
> > name.
> > -Group policy processing was unsuccessful. Windows cannot resolve user
> > name.
> > The windows client was joined the domain, and I logged in with a domain
> > user.
> > Server side: Samba 4.13.4. It is a fresh installation. I went through
> the
> > Samba documentation, and the test commands run successful, so I don't
> know,
> > what Windows cannot resolve.
> > I installed RSAT. I added our AD to the Group policy management tool.
> When
> > I click on ad.ourdomain.hu, I get an error:
> > Processing error encountered with this default domain controller while
> > data-collection (sorry, I tried to translate it from Hungarian to
> English).
> > Change the domain controller and try again.
> > I applied samba-tool sysvolreset after I got error message related to
> rpc
> > too.
> > I installed two dcs: dc1, dc2. dc2 gets sysvol content with rsync.
> > smb.conf:
> > [global]
> > bind interfaces only = Yes
> > dns forwarder = 208.67.222.222 208.67.220.220
> > interfaces = lo eth0
> > netbios name = DC1
> > realm = AD.OURDOMAIN.HU
> > server role = active directory domain controller
> > workgroup = AD
> > idmap_ldb:use rfc2307 = yes
> > allow dns updates = secure only
> >
> > [sysvol]
> > path = /var/lib/samba/sysvol
> > read only = No
> >
> > [netlogon]
> > path = /var/lib/samba/sysvol/ad.ourdomain.hu/scripts
> > read only = No
> > Regards,
> >
> > Tamas Pisch.
> >
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list