Web lists-archives.com

Re: [Samba] Domain Member Computer not showing in ADUC




On Thu, 07 Jun 2018 08:54:51 +0200 Henry Jensen wrote:
>
> Am 6. Juni 2018 19:55:52 MESZ schrieb Mark Foley via samba <samba@xxxxxxxxxxxxxxx>:
> >I am running Samba 4.4.16 on Slackware64 14.2. I have a domain member
> >Windows 7 workstation. I
> >upgraded the hardware on this computer a couple of weeks ago. I deleted
> >the computer from
> >the domain, the re-joined after finishing the upgrade.
> >
> >This computer show in the list with 'samba-tool group listmembers
> >"Domain Computers"', but does
> >not show up in ADUC > Computers.  I've removed and re-joined the
> >domain, but that didn't fix
> >the problem. 
>
>
> Samba 4.4.x is EOL as far as Samba is conerned. Also Slackware doesn't have PAM.
>
> You may want to consider my up-to-date Samba and PAM packages for Slackware64
>  14.2 at https://connochaetos.org/slack-n-free/pam64-14.2/
>
>
> Kind regards,
>
> Henry

Well, I'm having a number of problems including Group Policies not working, loss of redirected
desktop and so on. I'd really like to get these resolved as I need to connect more domain
member workstations.

So, I guess I'll upgrade to a more current version of Samba and see if that helps. The version
I'm using is the most recent available for my Slackware distribution. The next version in the
pending Slackware release is 4.8.2. I may try that first. Actually, I may try your package as
it is targeted to Slackware. I am using Ivandi's PAM on the Linux domain members.

I had no problems with the initial 4.1 version and Group Policies when installed back in 2014.
Still had no problem in 2016 with Samba 4.2.12 when the most recent user was added. That user
was able to log on the first time and get her redirected desktop. We've not added new users or
workstations since then until starting last November/December when we upgraded workstations and
in some cased created new Windows workstations from scratch with the installation DVD. Since
that time none of the existing users logging onto their workstations can get their redirected
desktops. I have to manually change the desktop location. Nor do they get their own desktops
when logging into workstations other than their own. It "feels" like something bad happened to
Group Policy management between 4.2.12 and 4.4.16.

When the workstation tried to connect I get the Event Log error:

'General' error: "The processing of Group Policy Failed. Windows could not apply the
registry-based policy settings for the Group Policy object
LDAP;//CN=Machine,cn={B78D19CB-914B-48F4-AA63-FD8708A55ED7},cn=policies,cn=system,DC=hprs,DC=local.
Group Policy settings will not be resolved until this event is resolved. View the event details
for more information on the file name and path that caused the failure."

Event details says, "Access is denied".  However, the Domain Administrator *is* able to get its
redirected desktop regardless of which workstation it logs into.  If anyone has any insight
into this, please reply.  Meanwhile, I'll update Samba. 

--Mark

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba