[Samba] Adding group policy ability
Kees van Vloten
keesvanvloten at gmail.com
Thu Jun 20 11:18:23 UTC 2024
Op 20-06-2024 om 06:10 schreef lists--- via samba:
> Thanks a lot, Kees! :)
>
> Any hint which package to download for Windows Server 2022?
The proper ADMX for your version of Windows are on Windows itself in
C:\windows\PolicyDefinitions. You just copy the content of the directory
(and subdirs) to your Sysvol share \Policies\PolicyDefinitions
- Kees.
>
> Cheers,
> Torsten
>
>
> Am 19.06.2024 um 09:30 schrieb Kees van Vloten via samba:
>>
>> Op 19-06-2024 om 08:42 schreef lists--- via samba:
>>> Good morning list :)
>>>
>>> currently I don't need a group policy, but maybe that will change in
>>> the future - so I'd like to install its ability right now.
>>>
>>> As far as I understand https://wiki.samba.org/index.php/Group_Policy
>>> I have to execute:
>>> samba-tool gpo admxload -U Administrator
>>> (and samba-tool gpo admxload -H ldap://dcXYZ.samdom.example.com -U
>>> Administrator on additional DCs).
>> This will load Samba's ADMX files from where the distro installs them
>> onto sysvol. Handy for the settings Samba provides, but those are
>> mainly for GPOs on Linux.
>>>
>>> Not clear is:
>>> which Microsoft's ADMX templates for which MS-Server version?
>>> There're only MS-Windows Server 2016 and MS-Windows Server 2008/R2
>>> listed, but no eg. 2016, 2019 or 2022 ...
>>> Plus another question on this: _if_ I have install the ADMX eg. for
>>> 2022, does I have to install those ADMX-versions on every MS
>>> quarterly H-update pack again?
>>
>> You only need to cover the settings you are using in your GPOs with
>> ADMX files that define those settings. As long as you don't change
>> your GPOs (and add new settings), there is no need to update the ADMX
>> files.
>>
>> If you use Windows tooling (admc) to create GPOs, it will read the
>> ADMX files from your sysvol to create the UI. So not updating ADMX
>> files implies that you will never see the latest settings and hence
>> you will not use them :-)
>>
>> I hard ever upgrade them.
>>
>> - Kees.
>>
>>>
>>> Cheers,
>>> Torsten
>>>
>>
>
More information about the samba
mailing list