Bug 12257 - Windows 10 unable to update group policy.
Windows 10 unable to update group policy.
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
All All
: P5 normal
: ---
Assigned To: Andrew Bartlett
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2016-09-13 05:26 UTC by Kelvin Yip
Modified: 2016-11-11 05:44 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Kelvin Yip 2016-09-13 05:26:18 UTC

I found all our Windows 10 workstation are not able to update group policy. I tried manually using gpupdate /force also fails.
The following error display after I execute gpupdate command.

The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

Also tried the following registry but no helps.
\\*\SYSVOL RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0
\\*\NETLOGON RequireMutualAuthentication=1,RequireIntegrity=1

I also discover that when I use group policy editor and navigate to Computer Configuration->Windows Settings->Security Settings, it will display an error about "Wired Network Management".
Comment 1 Sander Plas 2016-09-13 09:43:46 UTC
Hi Kelvin, 

Do you mean that it's only going wrong on Windows 10? Or that you only have Windows 10 workstations? 

Do other things, like logging in on the workstations, or browsing on file shares, or running "wbinfo -i <username>" on the server still work? 

If you shut down samba the normal way (using an init.d script or whatever you're using on your OS) does it actually stop, or do several 'smb' or 'samba' processes keep on running? 

The reason i'm asking is that i'm seeing somewhat similar symptoms and i'm wondering wether it's the same problem or something entirely different. 

Comment 2 Kelvin Yip 2016-09-13 09:56:22 UTC
(In reply to Sander Plas from comment #1)

Most of Workstations in my company are Windows 7. All windows 7 workstations works normally. They can login, browse the share, use RSAT without any error message, execute gpupdate without any errors.
Comment 3 Kelvin Yip 2016-09-19 07:53:10 UTC
(In reply to Kelvin Yip from comment #2)

I find another problem of Windows 10 which may be related. When I try to add a domain user to local administrator group. I cannot lookup a domain user when I click "check user" button.
Again, all Windows 7 workstation behave normal.
Comment 4 Kelvin Yip 2016-11-11 05:44:01 UTC
(In reply to Kelvin Yip from comment #3)
Finally, I figure out all these problems are related to these setting:restrict anonymous = 2, setting this value to 0 or 1 does not have this problem.

I think I use this setting from SambaV 4.0

Is it an expected behaviour ?