Things that break group policy: Difference between revisions
From Pumping Station One
No edit summary |
|||
| Line 31: | Line 31: | ||
samba-tool ntacl sysvolreset | samba-tool ntacl sysvolreset | ||
samba-tool dbcheck --cross-ncs --fix | samba-tool dbcheck --cross-ncs --fix | ||
=== ACLs break after rsync === | |||
If <code>samba-tool ntacls sysvolcheck</code> reveals a problem after every rsync of the sysvol, you may want to copy /var/lib/samba/private/idmap.ldb from the rsync host to the replicated Domain Controller. | |||
Revision as of 08:37, 13 October 2014
Group Policy
Group policy on windows controls windows settings for the domain.
It's used for the following
- Determing logon rights for pc's hooked into the shopbot and laser cutter
- setting registry keys for certains fotware licenses
- disabling power saveing
Basic Troubleshooting
If you notice something wrong, the following command will trigger a group policy update, and may display information about what went wrong.
gpupdate gpupdate /force gpupdate /force /sync
Time desync
If the computer's time is desynchronized from AD:
net time /domain /set /y
and try gpupdate again
Garbage in sysvol
I don't know if this actually fixed anything, but try running the following commands as root on the Domain Controller
samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix samba-tool ntacl sysvolreset samba-tool dbcheck --cross-ncs --fix
ACLs break after rsync
If samba-tool ntacls sysvolcheck reveals a problem after every rsync of the sysvol, you may want to copy /var/lib/samba/private/idmap.ldb from the rsync host to the replicated Domain Controller.
