Environment
Domain Services for Windows
Novell Open Enterprise Server 2 Support Pack 3
Novell Open Enterprise Server 11
SUSE Linux Enterprise Server 10 Service Pack 4
Novell Open Enterprise Server 2 Support Pack 3
Novell Open Enterprise Server 11
SUSE Linux Enterprise Server 10 Service Pack 4
Situation
After the installation of Samba version 3.0.36-0.13.18.1, the execution of the login scripts and GPO's fails when the workstation connects to an ADC during the login process.
The issue only occurs in environments having DSfW Additional Domain Controllers.
When the "gpupdate /force" command is executed on a workstation the following error message is being returned.
Error: Group policies path was not found in the specified location
When the DSfW Additional Domain Controller is affected by the issue, when accessing \\domain.com\sysvol from a workstation the following directory structure is displayed:
- Policies
- scripts
- sysvol
When the DSfW Additional Domain Controller is not affected, the following directory structure is displayed while accessing \\domain.com\sysvol from a workstation.
\\domain.com\sysvol\domain.com\
In this case \\domain.com\sysvol\domain.com contains the following directory structure:
- Policies
- scripts
- sysvol
The issue only occurs in environments having DSfW Additional Domain Controllers.
When the "gpupdate /force" command is executed on a workstation the following error message is being returned.
Error: Group policies path was not found in the specified location
When the DSfW Additional Domain Controller is affected by the issue, when accessing \\domain.com\sysvol from a workstation the following directory structure is displayed:
- Policies
- scripts
- sysvol
When the DSfW Additional Domain Controller is not affected, the following directory structure is displayed while accessing \\domain.com\sysvol from a workstation.
\\domain.com\sysvol\domain.com\
In this case \\domain.com\sysvol\domain.com contains the following directory structure:
- Policies
- scripts
- sysvol
Resolution
The Additional Information section contains a script which can be used to correct the issue.
Verify the Sysvol DFS referral links in the following location by running the ls -l command on the DSfW Additional Domain Controller.
Prior to the execution of the updateDFSlink.sh script, the symbolic link looks as follows:
ls -l /var/opt/novell/xad/msdfs
msdfs:adcserver\sysvol-msdfs\domain.com,frdserver\sysvol\domain.com
This is also how the symbolic link should look when an earlier version of samba is installed.
The updateDFSlink.sh script should only be used in combination with samba-3.0.36-0.13.18.1 or newer.
Use the updateDFSlink.sh script to modify the symbolic link on each DSfW Additional Domain Controller.
Steps to apply:
Copy the script to /tmp/
chmod 700 /tmp/updateDFSlink.sh
/tmp/updateDFSlink.sh
After the execution of the script, the symbolic link should look as follows:
ls -l /var/opt/novell/xad/msdfs
msdfs:adcserver\sysvol-msdfs,frdserver\sysvol
Verify the Sysvol DFS referral links in the following location by running the ls -l command on the DSfW Additional Domain Controller.
Prior to the execution of the updateDFSlink.sh script, the symbolic link looks as follows:
ls -l /var/opt/novell/xad/msdfs
msdfs:adcserver\sysvol-msdfs\domain.com,frdserver\sysvol\domain.com
This is also how the symbolic link should look when an earlier version of samba is installed.
The updateDFSlink.sh script should only be used in combination with samba-3.0.36-0.13.18.1 or newer.
Use the updateDFSlink.sh script to modify the symbolic link on each DSfW Additional Domain Controller.
Steps to apply:
Copy the script to /tmp/
chmod 700 /tmp/updateDFSlink.sh
/tmp/updateDFSlink.sh
After the execution of the script, the symbolic link should look as follows:
ls -l /var/opt/novell/xad/msdfs
msdfs:adcserver\sysvol-msdfs,frdserver\sysvol
Status
Reported to EngineeringAdditional Information
Contact Novell Support and reference this TID for the updateDFSlink.sh or create the script by copying and pasting the below information.
#!/bin/bash
Log()
{
Message=`echo "$*"`;
echo "$Message";
}
main()
{
RootDomain=$(/opt/novell/xad/share/dcinit/printConfigKey.pl "Root Domain" 2> /dev/null);
LinkFile=$(ls /var/opt/novell/xad/msdfs/ 2>/dev/null);
if [ "$RootDomain" = "$LinkFile" ]
then
Log "Link File present, proceeding with modify";
LinkValue=$(ls -l /var/opt/novell/xad/msdfs/$LinkFile | awk -F"-> " '{print $2}' 2>/dev/null);
if [ $LinkValue = "" ]
then
Log "Unable deduce the link value for $LinkFile";
exit 1;
else
Log "Current Link value $LinkValue"
fi
Link1=$(echo $LinkValue | sed "s/msdfs\\\\${RootDomain},/msdfs,/i");
NewLink=$(echo $Link1 | sed "s/sysvol\\\\${RootDomain}$/sysvol/i");
Log "Setting the new link as -- $NewLink";
cd /var/opt/novell/xad/msdfs/;
rm $RootDomain;
ln -sf $NewLink $RootDomain;
cd - 2>&1 > /dev/null;
LinkValue=$(ls -l /var/opt/novell/xad/msdfs/$LinkFile);
Log "Active link is $LinkValue";
chown -R administrator:"domain admins" /var/opt/novell/xad/msdfs/
else
echo "Link Not present. Execute this script only on ADC"
exit 1
fi
exit 0
}
main $@