Difference between revisions of "Things that break group policy"
Jump to navigation
Jump to search
m (spelling) |
m (add systems category) |
||
| Line 35: | Line 35: | ||
If <code>samba-tool ntacls sysvolcheck</code> reveals a problem after every rsync of the sysvol, you may want to copy /var/lib/samba/private/idmap.ldb from the rsync host to the replicated Domain Controller. | If <code>samba-tool ntacls sysvolcheck</code> reveals a problem after every rsync of the sysvol, you may want to copy /var/lib/samba/private/idmap.ldb from the rsync host to the replicated Domain Controller. | ||
| + | |||
| + | [[Category:Systems]] | ||
Latest revision as of 13:54, 9 November 2017
Group Policy
Group policy on windows controls windows settings for the domain.
It's used for the following
- Determing logon rights for pc's hooked into the shopbot and laser cutter
- setting registry keys for certains software licenses
- disabling power saveing
Basic Troubleshooting
If you notice something wrong, the following command will trigger a group policy update, and may display information about what went wrong.
gpupdate gpupdate /force gpupdate /force /sync
Time desync
If the computer's time is desynchronized from AD:
net time /domain /set /y
and try gpupdate again
Garbage in sysvol
I don't know if this actually fixed anything, but try running the following commands as root on the Domain Controller
samba-tool dbcheck --cross-ncs --reset-well-known-acls --fix samba-tool ntacl sysvolreset samba-tool dbcheck --cross-ncs --fix
ACLs break after rsync
If samba-tool ntacls sysvolcheck reveals a problem after every rsync of the sysvol, you may want to copy /var/lib/samba/private/idmap.ldb from the rsync host to the replicated Domain Controller.