[Samba] Missing Policies folder in AD and /var/lib/samba/sysvol

[Rick Hollinbeck]

Progress maybe...

I tried running sysvolcheck with strace and noticed something really odd....

This was in the trace:

getxattr("/var/lib/samba/sysvol/samdom.example.com/Policies/{6AC1786C-016F-11D2-945F-00C04fB984F9}", 
"security.NTACL", NULL, 0) = -1 ENOENT

But I knew that folder was in my sysvol folder:

├── [drwxrwx--- root     BUILTIN\administrators] 
{31B2F340-016D-11D2-945F-00C04FB984F9}
│   ├── [-rwxrwx--- root     BUILTIN\administrators]  GPT.INI
│   ├── [drwxrwx--- root     BUILTIN\administrators]  MACHINE
│   └── [drwxrwx--- root     BUILTIN\administrators]  USER
└── [drwxrwx--- root     BUILTIN\administrators] 
{6AC1786C-016F-11D2-945F-00C04FB984F9}
     ├── [-rwxrwx--- root     BUILTIN\administrators]  GPT.INI
     ├── [drwxrwx--- root     BUILTIN\administrators]  MACHINE
     └── [drwxrwx--- root     BUILTIN\administrators]  USER

But this command also failed when I cut and pasted the folder name from 
the strace:

pi at pidc3:~ $ sudo ls -al 
/var/lib/samba/sysvol/samdom.example.com/Policies/{6AC1786C-016F-11D2-945F-00C04fB984F9}
ls: cannot access 
'/var/lib/samba/sysvol/samdom.example.com/Policies/{6AC1786C-016F-11D2-945F-00C04fB984F9}': 
No such file or directory

It took me awhile to spot the problem...

Somehow sysvolcheck is using a LOWER CASE 'f' in the GUID folder name 
for the default GPO!

Where is this coming from? Of course, in Windows this doesn't matter. 
But in linux it is a showstopper.

How can I convince sysvolcheck and sysvolreset to use the correct 
subfolder name - all uppercase?