[Samba] gpo client linux sssd does not apply

Anderson Sampaio Mello anderson.sampaio.mello at gmail.com
Fri Apr 14 08:23:04 UTC 2023 

Hello Samba Team, how are you?

I'm joining linux clients in the company's environment and I would like to
apply GPOs to linux clients, I'm in the testing phase.

I'm testing with ubuntu clients version 22.04 and the software I used to
join the samba AD was sssd.

The 22.04 ubuntu client has joined and everything is working fine except
for the GPOs for linux clients.

I compiled and installed oddjob-gpupdate and also installed oddbjob as
recommended by the samba documentation (
https://dmulder.github.io/group-policy-book/)

I also installed samba version 4.15.3 with the command samba-gpupdate, when
I run the command samba-gpupdate --rsop with sssd working it reports these
errors:

Traceback (most recent call last):
   File "/usr/sbin/samba-gpupdate", line 117, in <module>
     rsop(lp, creds, logger, store, gp_extensions, opts.target)
   File "/usr/lib/python3/dist-packages/samba/gpclass.py", line 511, in rsop
     dc_hostname = get_dc_hostname(creds, lp)
   File "/usr/lib/python3/dist-packages/samba/gpclass.py", line 358, in
get_dc_hostname
     cldap_ret = net.finddc(domain=lp.get('realm'),
flags=(nbt.NBT_SERVER_LDAP |
samba.NTSTATUSError: (3221225524, 'The object name is not found.')
Error in sys.excepthook:
Traceback (most recent call last):
   File "/usr/lib/python3/dist-packages/apport_python_hook.py", line 153,
in apport_excepthook
     with os.fdopen(os.open(pr_filename,
FileNotFoundError: [Errno 2] No such file or directory:
'/var/crash/_usr_sbin_samba-gpupdate.0.crash'

Original exception was:
Traceback (most recent call last):
   File "/usr/sbin/samba-gpupdate", line 117, in <module>
     rsop(lp, creds, logger, store, gp_extensions, opts.target)
   File "/usr/lib/python3/dist-packages/samba/gpclass.py", line 511, in rsop
     dc_hostname = get_dc_hostname(creds, lp)
   File "/usr/lib/python3/dist-packages/samba/gpclass.py", line 358, in
get_dc_hostname
     cldap_ret = net.finddc(domain=lp.get('realm'),
flags=(nbt.NBT_SERVER_LDAP |
samba.NTSTATUSError: (3221225524, 'The object name is not found.')

On another station when I test on another linux ubuntu client with the same
version of samba, but with winbind(not sssd), the GPOs are applied normally.

I think it's something that isn't working well, which could be a result of
the compilation or some detail I missed.

I downloaded the code from https://github.com/openSUSE/oddjob-gpupdate and
compiled it like this:

apt install autoconf libtool libxml2-dev libdbus-1-dev oddjob libpam0g-dev
xmlto libselinux1-dev libxml++2.6-dev
./autogen
make up
make install

Did I make a mistake in the compilation process? can someone guide me to
compile correctly?

More information about the samba mailing list