FreeBSD 11.0 p8 x64 Samba 4.6.2 from ports I have problem with domain provisioning related to acl using. While trying test provisioning of new domain (samba-tool domain provision --use-rfc2307 --interactive) get next error: Setting up sam.ldb users and groups Setting up self join set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_PARAMETER. ERROR(runtime): uncaught exception - (-1073741811, 'Unexpected information received') File "/usr/local/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 176, in _run return self.run(*args, **kwargs) File "/usr/local/lib/python2.7/site-packages/samba/netcmd/domain.py", line 471, in run nosync=ldap_backend_nosync, ldap_dryrun_mode=ldap_dryrun_mode) File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 2175, in provision skip_sysvolacl=skip_sysvolacl) File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1806, in provision_fill names.domaindn, lp, use_ntvfs) File "/usr/local/lib/python2.7/site-packages/samba/provision/__init__.py", line 1593, in setsysvolacl service=SYSVOL_SERVICE) File "/usr/local/lib/python2.7/site-packages/samba/ntacls.py", line 162, in setntacl smbd.set_nt_acl(file, security.SECINFO_OWNER | security.SECINFO_GROUP | security.SECINFO_DACL | security.SECINFO_SACL, sd, service=service) This issue is absent at 4.5.6, 4.5.7, 4.5.8. Also in maillist there is note about this problem in Samba 4.6.0 rc4 - https://www.spinics.net/lists/samba/msg141182.html
The patch at https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220844 may help. Its built on the work of others on the samba lists. A workaround until...
Thanks for reporting this issues. This is a duplicate, so I'm closing it do ensure we handle this in just one place. Sadly it is also a difficult issue to sort out. *** This bug has been marked as a duplicate of bug 12912 ***