Project

General

Profile

Tâche #17982

Updated by Klaas TJEBBES almost 6 years ago

(solution placée en haut car la description est un peu longue)
<pre>
samba-tool ntacl sysvolreset
</pre>
Corrige les droits sur "sysvol" et règle donc le problème. On peut envisager de placer cette commande dans *_reconfigure_*.

Suite à une mise à jour, les droits sur sysvol ont été modifiés :
log/rsyslog/local/zephir/zephir.log:2016-11-22T04:50:03.020580+01:00 dc2.ac-test.lan zephir: MAJ => INIT : Début
log/rsyslog/local/zephir/zephir.log:2016-11-22T04:51:21.668013+01:00 dc2.ac-test.lan zephir: MAJ => FIN : 32 paquets mis à jour

À 04h55 les 22/11/2016 je reçois par mail :

<pre>
root@dc1:~# samba-tool ntacl sysvolcheck
ERROR(<class 'samba.provision.ProvisioningError'>): uncaught exception - ProvisioningError: DB ACL on GPO directory /home/sysvol/ac-test.lan/Policies/{3C682FA0-399B-41F0-AB79-2AA3810ABB34} O:DAG:DAD:PAI(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED) does not match expected value O:DAG:DAD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED) from GPO object
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/ntacl.py", line 249, in run
lp)
File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1733, in checksysvolacl
direct_db_access)
File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1684, in check_gpos_acl
domainsid, direct_db_access)
File "/usr/lib/python2.7/dist-packages/samba/provision/__init__.py", line 1631, in check_dir_acl
raise ProvisioningError('%s ACL on GPO directory %s %s does not match expected value %s from GPO object' % (acl_type(direct_db_access), path, fsacl_sddl, acl))

</pre>

root@dc2:~# grep 2016-11-22 log/dpkg.log|grep " installed"
2016-11-22 04:50:39 status installed libc-bin:amd64 2.23-0ubuntu4
2016-11-22 04:50:40 status installed libapt-pkg5.0:amd64 1.2.15
2016-11-22 04:50:40 status installed libc-bin:amd64 2.23-0ubuntu4
2016-11-22 04:50:41 status installed libc-bin:amd64 2.23-0ubuntu4
2016-11-22 04:50:42 status installed man-db:amd64 2.7.5-1
2016-11-22 04:50:43 status installed apt:amd64 1.2.15
2016-11-22 04:50:43 status installed libc-bin:amd64 2.23-0ubuntu4
2016-11-22 04:51:07 status installed man-db:amd64 2.7.5-1
2016-11-22 04:51:07 status installed mime-support:all 3.59ubuntu1
2016-11-22 04:51:07 status installed libc-bin:amd64 2.23-0ubuntu4
2016-11-22 04:51:07 status installed ureadahead:amd64 0.100.0-19
2016-11-22 04:51:07 status installed systemd:amd64 229-4ubuntu12
2016-11-22 04:51:08 status installed libapt-inst2.0:amd64 1.2.15
2016-11-22 04:51:08 status installed apt-utils:amd64 1.2.15
2016-11-22 04:51:08 status installed chromium-codecs-ffmpeg-extra:amd64 53.0.2785.143-0ubuntu0.16.04.1.1257
2016-11-22 04:51:08 status installed chromium-browser:amd64 53.0.2785.143-0ubuntu0.16.04.1.1257
2016-11-22 04:51:08 status installed chromium-browser-l10n:all 53.0.2785.143-0ubuntu0.16.04.1.1257
2016-11-22 04:51:08 status installed libprocps4:amd64 2:3.3.10-4ubuntu2.2
2016-11-22 04:51:09 status installed procps:amd64 2:3.3.10-4ubuntu2.2
2016-11-22 04:51:09 status installed eole-resolvconf:all 2.6.0-117
2016-11-22 04:51:10 status installed isc-dhcp-client:amd64 4.3.3-5ubuntu12.4
2016-11-22 04:51:11 status installed isc-dhcp-server:amd64 4.3.3-5ubuntu12.4
2016-11-22 04:51:11 status installed isc-dhcp-common:amd64 4.3.3-5ubuntu12.4
2016-11-22 04:51:11 status installed apt-transport-https:amd64 1.2.15
2016-11-22 04:51:12 status installed python3-distupgrade:all 1:16.04.18
2016-11-22 04:51:12 status installed ubuntu-release-upgrader-core:all 1:16.04.18
2016-11-22 04:51:12 status installed creole-common:all 2.6.0-98
2016-11-22 04:51:14 status installed eole-common-pkg:all 2.6.0-117
2016-11-22 04:51:14 status installed zephir-client:all 2.6.0-49
2016-11-22 04:51:15 status installed zephir-stats:all 2.6.0-49
2016-11-22 04:51:15 status installed eole-ad-dc-pkg:all 2.6.0-68
2016-11-22 04:51:15 status installed linux-firmware:all 1.157.5
2016-11-22 04:51:15 status installed xserver-common:all 2:1.18.4-0ubuntu0.2
2016-11-22 04:51:15 status installed xserver-xorg-core:amd64 2:1.18.4-0ubuntu0.2
2016-11-22 04:51:15 status installed python-creole:all 2.6.0-98
2016-11-22 04:51:15 status installed creole:all 2.6.0-98
2016-11-22 04:51:20 status installed eole-server:all 2.6.0-117
2016-11-22 04:51:20 status installed eole-ad-dc:all 2.6.0-68
2016-11-22 04:51:20 status installed eole-seth:all 2.6.0-68
2016-11-22 04:51:20 status installed eole-seth-module:all 2.6.0-68
2016-11-22 04:51:20 status installed eole-seth-all:all 2.6.0-68
2016-11-22 04:51:20 status installed python-pyeole:all 2.6.0-22
2016-11-22 04:51:20 status installed libc-bin:amd64 2.23-0ubuntu4

Back