Future Googlers... I noticed the problem was only occurring when I had both DCs turned on...so a temporary fix is:
For your PDC (presumably with the FSMO role PDC Emulator) set to: host msdfs = yes # in global msdfs root = yes # in sysvol For all of the other DCs: host msdfs = no # in global ------------------------------------------------- It's more of a workaround than a solution, because you can only use dfs on one DC...but at least group policy is working for me... On Tue, Sep 17, 2013 at 1:19 PM, Alan Romans <arom...@ashlandhc.org> wrote: > Even more info... > > *Broken Client, **dfsutil /spcinfo* > * > * > [*][bdc.ahc.pdc] > [*][AHC] > [*][ahc.pdc] > [-][AHC] > [-][ahc.pdc] > > Working Client, *dfsutil /spcinfo* > * > * > [*][bdc.ahc.pdc] > [*][AHC] > [*][ahc.pdc] > [-][AHC] > [+][ahc.pdc] > [-RADIUS-STORAGE.ahc.pdc] AccessStatus: 0xc00000be > [+BDC.ahc.pdc] AccessStatus: 0 > [-PDC.ahc.pdc] > * > * > > -------------------------------------------------------------------------------------- > > > * > * > > > > On Tue, Sep 17, 2013 at 12:58 PM, Alan Romans <arom...@ashlandhc.org>wrote: > >> I've found some more info... >> >> *Broken Client* >> dfsutil /pktinfo >> >> 0 entries... >> >> *Working Client* >> dfsutil /pktinfo >> >> 2 entries... >> Entry: \ahc.pdc\netlogon >> ShortEntry: \ahc.pdc\netlogon >> Expires in 561 seconds >> UseCount: 0 Type:0x1 ( DFS ) >> 0:[\RADIUS-STORAGE.ahc.pdc\netlogon] AccessStatus: 0xc00000cc ( >> TARGETSET ) >> 1:[\BDC.ahc.pdc\netlogon] AccessStatus: 0 ( ACTIVE ) >> 2:[\PDC.ahc.pdc\netlogon] >> >> Entry: \ahc.pdc\SysVol >> ShortEntry: \ahc.pdc\SysVol >> Expires in 189 seconds >> UseCount: 14 Type:0x1 ( DFS ) >> 0:[\RADIUS-STORAGE.ahc.pdc\SysVol] AccessStatus: 0xc00000be ( >> TARGETSET ) >> 1:[\BDC.ahc.pdc\SysVol] AccessStatus: 0 ( ACTIVE ) >> 2:[\PDC.ahc.pdc\SysVol] >> >> >> >> On Tue, Sep 17, 2013 at 10:13 AM, Alan Romans <arom...@ashlandhc.org>wrote: >> >>> I have two samba DCs (4.0.9) and no Windows DCs, and group policy is >>> failing. I've narrowed it down to an error accessing the sysvol folder. >>> >>> Some clients (not all clients) get the error "Element not found" when >>> connecting to our sysvol folder which is "\\ahc.pdc\sysvol\". The problem >>> seems to be intermittent, a client may suddenly start working again, or >>> suddenly stop. >>> >>> However, when connecting to it using the domain controller name >>> "\\BDC.ahc.pdc\sysvol\" it works 100% of the time. Unfortunately, this >>> isn't where clients look for group policy. >>> >>> Some history with this domain that may/may not help... >>> >>> We had a DC die on us and we had to seize FSMO roles on BDC.ahc.pdc. I >>> had to manually edit some DNS entries to get this to work as well. >>> >>> I've also been trying to get SSO working with Openfire, so I've used >>> setspn a number of times... >>> >> >> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
