Web lists-archives.com

Re: [Samba] samba-tool ntacl sysvolreset, - open: error=2 (No such file or directory)

On Tue, 11 Sep 2018 01:16:16 +0100
niya via samba <samba at lists.samba.org <https://lists.samba.org/mailman/listinfo/samba>> wrote:

>/hi everyone />//>/installed and joined a second dc following the instructions at />/https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory />/both version are 4.8.2 />/when i try to reset t the Sysvol folder's file system access control />/lists on the new dc />/i get the following error />//>/sudo samba-tool ntacl sysvolreset />/open: error=2 (No such file or directory) />/ERROR(runtime): uncaught exception - (3221225473L, '{Operation />/Failed} The requested operation was unsuccessful.') />/  File "/usr/lib/python2.7/site-packages/samba/netcmd/__init__.py", />/line 176, in _run />/    return self.run(*args, **kwargs) />/  File "/usr/lib/python2.7/site-packages/samba/netcmd/ntacl.py", />/line 239, in run />/    lp, use_ntvfs=use_ntvfs) />/  File />/"/usr/lib/python2.7/site-packages/samba/provision/__init__.py", line />/1686, in setsysvolacl set_gpos_acl(sysvol, dnsdomain, domainsid, />/domaindn, samdb, lp, use_ntvfs, passdb=s4_passdb) />/  File />/"/usr/lib/python2.7/site-packages/samba/provision/__init__.py", line />/1579, in set_gpos_acl use_ntvfs=use_ntvfs, skip_invalid_chown=True, />/passdb=passdb, service=SYSVOL_SERVICE) />/  File "/usr/lib/python2.7/site-packages/samba/ntacls.py", line 162, />/in setntacl />/    smbd.set_nt_acl(file, security.SECINFO_OWNER | />/security.SECINFO_GROUP | security.SECINFO_DACL | />/security.SECINFO_SACL, sd, service=service) />//>/================================================================================================================== />//>/open: error=2 (No such file or directory) - what  file or directory />/is missing ? />//>/shadrock />//>//
Probably most of sysvol ;-)

Have you synced sysvol and idmap.ldb from the first DC to the second ?

See here:

https://wiki.samba.org/index.php/SysVol_replication_(DFS-R <https://wiki.samba.org/index.php/SysVol_replication_%28DFS-R>)

hi Rowland

the instruction route the wiki leads you on is
Joining a Samba DC to an Existing Active Directory <https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory> i get to the Built-in User & Group ID Mappings section, setup and try samba-tool ntacl sysvolreset
no replication has been done yet, which doesn't work so i hop over to
 Sysvol Replication workaround <https://wiki.samba.org/index.php/SysVol_replication_%28DFS-R%29>
i choose the rsync option
Rsync based SysVol replication workaround <https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround>
Setup on all other Domain Controller(s) section implies that you
Make sure, that you haveidentical IDs of built-in groups on all DCs. <https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappingsfirst then do the replication which brings me back to the Joining a Samba DC to an Existing Active Directory page. my error was doing the sysvol replication last instead of the Built-in User & Group ID Mappings maybe the instruction could be made a bit clearer to do both the rsync replication and the identical IDs of built-in groups on all DCs. <https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory#Built-in_User_.26_Group_ID_Mappings> first before the sysvol reset.

as to your answer you were correct there was only a scripts directory and no policies directory in the directory folder on new dc
running the rsync command then the sysvol reset completes with no errors

thanks shadrock

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba