[Samba] samba-tool ntacl sysvolreset error on newly joined DC

Rowland Penny rpenny at samba.org
Thu Jan 6 18:16:32 UTC 2022

On Thu, 2022-01-06 at 18:02 +0000, Carlos Gardel via samba wrote:
> Hello!
> I am running an active directory domain with two samba DC:s (DC1 och
> DC2).
> The existing DC:s, working perfectly, are running on Centos 6 with
> samba 4.9.8. Due to Centos 6 being EOL since quite some time I now
> want to join a new DC (DC3) to the domain.
> I have set up a new DC, running Centos 8/stream with samba 4.15.3
> (compiled from source), following the tutorial at 
> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
> .
> Everything has worked perfectly until the section ”Built-in User &
> Group ID Mappings” where you are supposed to ”reset the Sysvol
> folder’s file system acces Control lists on  the new DC” by running:
> # samba-tool ntacl sysvolreset.
> On running this command I get the following error output:
> [root at dc3 ~]# samba-tool ntacl sysvolreset
> set_nt_acl_conn: init_files_struct failed:
> ERROR(runtime): uncaught exception - (3221225524, 'The object name is
> not found.')

Have you synced idmap.ldb and sysvol to the new DC ?

See here:


More information about the samba mailing list