[Samba] GPO on a DC

samba-ml-en samba-ml-en at protonmail.com
Sun Jun 26 17:05:14 UTC 2022


Great, my later mail from yesterday has it all I think, with a lot of details about what I tried and relevant logs. Just probably the most relevant finding is:

 add_local_groups: SID S-1-5-21-3771616199-2733218289-4272702380-1000 -> getpwuid(30....
Error always happen when apply group policies = true is run and never when run manually. and as I wrote yesterday the difference is
apply group policies = true is in winbind (winbindd_gpupdate.c makes the call via its call back function)


> That explains that then, whilst a computer in AD is a basically a user
> with an extra objectclass (computer), it isn't a user and isn't mapped
> by Samba to a user.

More information about the samba mailing list