[Samba] Samba 4 and GPOs
Rowland Penny
rpenny at samba.org
Fri Oct 28 12:22:11 UTC 2022
On 28/10/2022 12:49, Bering, Uwe via samba wrote:
> Hi togehter,
>
> for each of our 20 schools we run a debian Server (bullseye) with Samba 4.16.5 as primary ad-dc.
No such thing as a 'primary' DC, there is the FSMO 'PDC_Emulator' role,
but this doesn't make it the primary DC.
There's no replication to another dc, there isn't another dc at all in
this network. It worked fine in all demands
I do hope that you are backing up the AD domain, because you have a
single point of failure there.
>
> Now I tried fort he first time to use the GPOs.
> The Installation of a central admx-store worked fine and also the first GPO I applied to a client.
>
> After some experiments I just encountered an error when invoking gpupdate on the client:
>
> = = = = = = = = = = = = =
> The processing of Group Policy failed. Windows attempted to read the file \\domain.local\sysvol\domain.local\Policies\{9CF5E225-C40D-452D-A5CE-0288D40407BA}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved.
> = = = = = = = = = = = = =
I do hope that 'domain.local' is a placeholder for your actual dns
domain and that it doesn't end in '.local', if it does, turn of Avahi
everywhere and do not connect from a Mac.
>
> From the client I can open \\[server]\\sysvol\[domain]\Policies\[guid]\GPT.INI, I have even write access to this location.
>
> Does anybody have an idea to solve this Problem?
>
> Viele Grüße
> Uwe
>
Have you tried running 'samba-tool ntacl sysvolcheck' and if required
'samba-tool ntacl sysvolreset'
Rowland
More information about the samba
mailing list