[Samba] Group Policies are not applied

Pisch Tamás pischta at gmail.com
Fri Mar 19 13:21:02 UTC 2021

> On both DC's run the debugscript.
> and diff them.
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh

Thanks, I've done it. The krb5.conf file was different. On one server
the allow dns updates was missing. I corrected them. Thats all.

> And your sure there is nothing blocking needed ports in/on the vpn (tunnels)

I ran nmap on the Windows client. There ara a lot of open ports on dc1
and dc2. Nmap listed only open ports. Which are the necessary ports?

> greetz,
> Louis

>> Hi,
>> I tried to solve the problem, but without success. I googled, tried out things.
>> I give some additional info.
>> dc1 is a guest on an xcpng hypervisor (site1). dc2 is a guest on a Windows 2008 R2 Hyper-V (site2, default). I connect to the domain through VPN.
>> The replication between the servers is ok.
>> I can ping the dcs. As I said, I can join to the AD, and can log in as a domain user.
>> nslookup ad.ourdomain.hu
>> Server: Unknown
>> Address:
>> Name: ad.ourdomain.hu
>> Address:
>> nltest /query
>> Flags: 0
>> Connection Status = 1311 0x51f ERROR_NO_LOGON_SERVERS
>> I tried to rejoin the client (disjoin; on dc: samba-tool computer delete testcomputer\$;on client: join), but the situation is the same>.
>> Any idea, what could cause that, and what can I do with it?

More information about the samba mailing list