[Samba] Missing Policies folder in AD and /var/lib/samba/sysvol
Rowland Penny
rpenny at samba.org
Mon Mar 17 12:59:40 UTC 2025
On Sat, 15 Mar 2025 15:16:57 -0600
Rick Hollinbeck via samba <samba at lists.samba.org> wrote:
> I currently am running 3 Samba DC's.
>
> None of them have a 'Policies' folder under /var/lib/samba/sysvol
> (only 'scripts')
>
> My Samba migration started from a Windows Server 2008 configuration
> several years ago.
>
> I first installed Samba 4.11 (van-belle), joined it to the Windows AD
> and migrated the FSMO roles there.
> I then removed the Windows Servers and turned them off.
>
> This set-up worked fine until a Windows update broke AD logins with
> Samba 4.11 from Windows 11 so...
> A year or so ago, I added a Samba 4.17 server and migrated FSMO roles
> there.
>
> So, I'm not sure when (or if) the Policies folder got lost along the
> way.
>
> Is there a way to manually repair these Default GPO's?
>
>
>
I think that the contents of Sysvol have never been there, you probably
never synced them from the Windows DCs.
It isn't a big problem though, the default GPOs are virtually empty,
you just need to know what to create. You could provision a new domain
and then copy what is created in Sysvol on that and then run
'samba-tool ntacl sysvolreset', other than that, I have script
somewhere that creates the required directories/files.
Rowland
More information about the samba
mailing list