Sysvolcheck returns error on backup DC upon each replication

Spread the love

I have two DCs in my Samba AD with sysvol replication via rsync set up to run every 5 minutes.
On the PDC, samba-tool ntacl sysvolcheck returns no errors.
On the BDC, samba-tool ntacl sysvolcheck returns this error:
ERROR(<class ‘samba.provision.ProvisioningError’>): uncaught exception – ProvisioningError: VFS ACL on sysvol directory /var/lib/samba/sysvol/<my domain> O:LAG:BAD:(A;OICI;0x001f01ff;;;LA)(A;OICI;0x001200a9;;;LG)(A;OICI;0x001f01ff;;;BG)(A;OICI;0x001200a9;;;BU)(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;LG)(A;OICI;0x001f01ff;;;BG)(A;OICI;0x001200a9;;;BU)(A;;0x001f01ff;;;BA)(A;;0x001f01ff;;;LA)(A;;0x001200a9;;;WD)(A;OICIIO;0x001f01ff;;;CO)(A;OICIIO;;;;CG)(A;OICIIO;;;;WD) does not match expected value O:LAG:BAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU) from provision
File “/usr/lib/python3/dist-packages/samba/netcmd/”, line 186, in _run
return*args, **kwargs)
File “/usr/lib/python3/dist-packages/samba/netcmd/”, line 453, in run
provision.checksysvolacl(samdb, netlogon, sysvol,
File “/usr/lib/python3/dist-packages/samba/provision/”, line 1896, in checksysvolacl
raise ProvisioningError(‘%s ACL on sysvol directory %s %s does not match expected value %s from provision’ % (acl_type(direct_db_access), dir_path, fsacl_sddl, SYSVOL_ACL))

I can run sysvolreset on the BDC which fixes the problem, but then after 5 minutes when the rsync job finishes replication the error returns on the BDC once again.
And during all this the PDC still returns no errors. It seems like something going on exclusively on the BDC’s end.
As far as I can see, this isn’t really causing any problems…group policies still work on the domain. Should I just let this go then?
Any help would be appreciated!

X ITM Cloud News


Leave a Reply

Next Post

How to setup visual studio on windows for remote linux build with Qt

Fri Sep 11 , 2020
Spread the love          Pretty much what question says. I need to setup Qt on Ubuntu server and compile C++ code (for Ubuntu) from Visual Studio (2019) running on Windows. I’ve installed Qt Visual Studio Tools and I can compile and run the following code using the Linux development with C++ Toolset: […]

Cloud Computing – Consultancy – Development – Hosting – APIs – Legacy Systems

X-ITM Technology helps our customers across the entire enterprise technology stack with differentiated industry solutions. We modernize IT, optimize data architectures, and make everything secure, scalable and orchestrated across public, private and hybrid clouds.

This image has an empty alt attribute; its file name is x-itmdc.jpg

The enterprise technology stack includes ITO; Cloud and Security Services; Applications and Industry IP; Data, Analytics and Engineering Services; and Advisory.

Watch an animation of  X-ITM‘s Enterprise Technology Stack

We combine years of experience running mission-critical systems with the latest digital innovations to deliver better business outcomes and new levels of performance, competitiveness and experiences for our customers and their stakeholders.

X-ITM invests in three key drivers of growth: People, Customers and Operational Execution.

The company’s global scale, talent and innovation platforms serve 6,000 private and public-sector clients in 70 countries.

X-ITM’s extensive partner network helps drive collaboration and leverage technology independence. The company has established more than 200 industry-leading global Partner Network relationships, including 15 strategic partners: Amazon Web Services, AT&T, Dell Technologies, Google Cloud, HCL, HP, HPE, IBM, Micro Focus, Microsoft, Oracle, PwC, SAP, ServiceNow and VMware