[Samba] samba-tool ntacl sysvolreset error on newly joined DC

Carlos Gardel carlosito2021 at outlook.com
Thu Jan 6 23:38:01 UTC 2022 

Hello again,

After syncing sysvol as well everything worked perfectly!

Thank you Rowland for pointing out what was clearly stated in the tutorial. Sometimes it’s easy to miss a line after a couple of hours behind the screen.

Kind regards,
Carl

Från: Carlos Gardel via samba<mailto:samba at lists.samba.org>
Skickat: den 6 januari 2022 19:25
Till: Rowland Penny<mailto:rpenny at samba.org>; samba at lists.samba.org<mailto:samba at lists.samba.org>
Ämne: Re: [Samba] samba-tool ntacl sysvolreset error on newly joined DC

Hello Rowland and thank you very much for your extremely fast answer!

I have synced idmap.ldb but not sysvol to the new DC. I guess I must have missed that step of the guide! How embarrassing. I will do that, give it a new try and report back!

Wish you a nice evening,

Carl


Från: Rowland Penny via samba<mailto:samba at lists.samba.org>
Skickat: den 6 januari 2022 19:17
Till: samba at lists.samba.org<mailto:samba at lists.samba.org>
Ämne: Re: [Samba] samba-tool ntacl sysvolreset error on newly joined DC

On Thu, 2022-01-06 at 18:02 +0000, Carlos Gardel via samba wrote:
> Hello!
>
> I am running an active directory domain with two samba DC:s (DC1 och
> DC2).
>
> The existing DC:s, working perfectly, are running on Centos 6 with
> samba 4.9.8. Due to Centos 6  EOL since quite some time I now
> want to join a new DC (DC3) to the domain.
>
> I have set up a new DC, running Centos 8/stream with samba 4.15.3
> (compiled from source), following the tutorial at
> https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory
> .
> Everything has worked perfectly until the section ”Built-in User &
> Group ID Mappings” where you are supposed to ”reset the Sysvol
> folder’s file system acces Control lists on  the new DC” by running:
> # samba-tool ntacl sysvolreset.
>
> On running this command I get the following error output:
>
> [root at dc3 ~]# samba-tool ntacl sysvolreset
> set_nt_acl_conn: init_files_struct failed:
> NT_STATUS_OBJECT_NAME_NOT_FOUND
> ERROR(runtime): uncaught exception - (3221225524, 'The object name is
> not found.')

Have you synced idmap.ldb and sysvol to the new DC ?

See here:
https://wiki.samba.org/index.php/SysVol_replication_(DFS-R)

Rowland



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list