# samba-tool gpo aclcheck ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element' File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/gpo.py", line 1150, in run ds_sd_ndr = m['nTSecurityDescriptor'][0] The command always fails. The same failure was already mentioned in bug report #9922 regarding 4.0.0. As this bug report was in its origin about a different problem, I create a separate bug report for this exception. Debian also has already a bug report about that: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742182
This is also happening on Sernet-Samba 4.1.9: samba-tool -V 4.1.9-SerNet-RedHat-8.el6 [root@auth1 ad.brewerscience.com]# samba-tool gpo aclcheck ldb_wrap open of secrets.ldb GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'sasl-DIGEST-MD5' registered GENSEC backend 'schannel' registered GENSEC backend 'spnego' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element' File "/usr/lib64/python2.6/site-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/lib64/python2.6/site-packages/samba/netcmd/gpo.py", line 1150, in run ds_sd_ndr = m['nTSecurityDescriptor'][0] My GPOs are acting funny (working on some computers and not others in the same OU). I am not sure if that is related, but that is how I encountered this bug.
I can't confirm any GPO problems. I created today some new and all worked fine and like expected. Also all previous created work. All DCs are 4.1.9. Only the aclcheck command isn't working.
I tried 4.5.0rc2: Using this version, the command works and does not fail anymore.