[Samba] Access denied on GPO after "ntacl sysvolreset"
Rowland Penny
rpenny at samba.org
Wed Apr 16 16:07:06 UTC 2025
On Wed, 16 Apr 2025 17:03:10 +0200
Klaas TJEBBES via samba <samba at lists.samba.org> wrote:
>
> I don't understand how import parameters from a previously backuped
> GPO in RSAT can work on your setup as it clearly does not on ours.
>
>
> To summarize :
>
> root at addc:~# cat /etc/lsb-release
> DISTRIB_ID=Ubuntu
> DISTRIB_RELEASE=24.04
> DISTRIB_CODENAME=noble
> DISTRIB_DESCRIPTION="Ubuntu 24.04.2 LTS"
>
> root at addc:~# cat /etc/samba/smb.conf
> [global]
> realm = DOMSCRIBE.AC-TEST.FR
> workgroup = DOMSCRIBE
> netbios name = ADDC
> disable netbios = yes
> smb ports = 445
> map acl inherit = Yes
> store dos attributes = Yes
> winbind separator = /
> server role = active directory domain controller
> server services = -dns
> tls enabled = yes
> tls keyfile = /var/lib/samba/private/tls/key.pem
> tls certfile = /var/lib/samba/private/tls/cert.pem
> tls cafile =
> usershare max shares = 0
> restrict anonymous = 2
> interfaces = 192.168.0.30
>
> [netlogon]
> comment = Network Logon Service
> path = /home/sysvol/domscribe.ac-test.fr/scripts
> read only = No
> guest ok = yes
>
> [sysvol]
> comment = Sysvol Service
> path = /home/sysvol
> read only = No
> guest ok = yes
>
I asked this once, but you didn't answer, lets try again:
Why are sysvol and netlogon in /home instead of being in
/var/lib/samba where it belongs ?
Rowland
More information about the samba
mailing list