Goodtime from Kaluga, USSR
Security updated Samba 4.3.6, worked properly before, had shown to me this at the morning:
RU: "//ukt.home/ Ccылается на недоступное расположение. ... Убедитесь, что диск вставлен правильно..."
EN (free-translated-by-me): WIN says, that /SYSVOL is not connectable in case of computer-offline or resource-renamed.
I tried to check shares on my ADC and found, that NONE (not SYSVOL only) shares inavailable from WIN. NTACLs are all-right, winlogon ok, connecting ADServer ok, managing users and policies ok. I cannot apply policies to anybody, because /SYSVOL is offline.
Looking up for policies I tried to check samba-shares from domain-joined UBUNTU-machine (one more UBUNTU 14.04LTS) as a domain client SMBCLIENT-connection. SMBCLIENT connects to ADS, but >DIR pulls
samba-tool ntacl sysvolreset has token no effect.
samba-tool gpo aclcheck returned this:
root@ukt-local:/var/mail# samba-tool gpo aclcheck
ERROR(runtime): uncaught exception - (-1073741772, 'The object name is not found.')
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/gpo.py", line 1148, in run
fs_sd = conn.get_acl(sharepath, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL, security.SEC_FLAG_MAXIMUM_ALLOWED)
Please, help. I'm a domain controller of a municipal trolleybus station of 80 PC's, 24 of which are in a domain.
All logs you need will be sended to you as fast as you told us. Thanks for your help.
p.s. Ubuntu browses /var/lib/samba/sysvol and all shares i have on my ADC.
Windows (or each-other client) see some shares on a Samba4.3.8-machine, but cannot browse any of them.
Samba 4.3.9 with winbind installed in working in AD domain controller now. I'd set up my DC retrieving domain users and groups as domain member (for system only, not for samba), and I give permissions of /SYSVOL - operating for both domain users and administrators groups.
And now I have some trobules in samba user file sharing; like configuring a simple catalog in ./home/user for common (read only = No; guest OK = Yes). But I took a bug of "No such resources or permission denied" in WinX. !nix gets directory lists and operates files properly. WIDW???