regularuser@LCXVDU22NPE4030:~$ sudo adsysctl update -m -vvv
INFO github.com/ubuntu/adsys/internal/config/config.go:78 Init() Using configuration file: /etc/adsys.yaml
DEBUG Connecting as [[4492:009622]]
DEBUG github.com/ubuntu/adsys/internal/grpc/logconnections/logconnections.go:27 StreamServerInterceptor.func1() New request /service/UpdatePolicy
DEBUG github.com/ubuntu/adsys/internal/grpc/logconnections/logconnections.go:60 loggedServerStream.RecvMsg() Requesting with parameters: IsComputer: true, All: false, Target: LCXVDU22NPE4030, Krb5Cc:
DEBUG github.com/ubuntu/adsys/internal/ad/ad.go:571 (*AD).NormalizeTargetName() NormalizeTargetName for "LCXVDU22NPE4030", type "computer"
DEBUG github.com/ubuntu/adsys/internal/authorizer/authorizer.go:111 Authorizer.IsAllowedFromContext() Check if grpc request peer is authorized
DEBUG github.com/ubuntu/adsys/internal/authorizer/authorizer.go:150 Authorizer.isAllowed() Authorized as being administrator
DEBUG github.com/ubuntu/adsys/internal/ad/ad.go:225 (*AD).GetPolicies() GetPolicies for "LCXVDU22NPE4030", type "computer"
DEBUG github.com/ubuntu/adsys/internal/ad/ad.go:293 (*AD).GetPolicies() Getting gpo list with arguments: "--objectclass computer ldap://n060adkhdc121.domain.com LCXVDU22NPE4030"
DEBUG github.com/ubuntu/adsys/internal/ad/ad.go:315 (*AD).GetPolicies() GPO "0000000000cEntCTX-Ubuntu-Edge" for "LCXVDU22NPE4030" available at "smb://domain.com/SysVol/domain.com/Policies/{F7E97A8D-7DB1-4571-956A-005D1658DC35}"
DEBUG github.com/ubuntu/adsys/internal/ad/ad.go:315 (*AD).GetPolicies() GPO "0000000000cEntCtx-Ubuntu-Test" for "LCXVDU22NPE4030" available at "smb://domain.com/SysVol/domain.com/Policies/{5B925A10-9572-4FB8-B9A0-DB2DFF9EF34B}"
DEBUG github.com/ubuntu/adsys/internal/ad/download.go:113 (*AD).fetch.func2() Analyzing "0000000000cEntCtx-Ubuntu-Test"
DEBUG github.com/ubuntu/adsys/internal/ad/download.go:113 (*AD).fetch.func2() Analyzing "0000000000cEntCTX-Ubuntu-Edge"
DEBUG github.com/ubuntu/adsys/internal/ad/download.go:113 (*AD).fetch.func2() Analyzing "assets"
INFO github.com/ubuntu/adsys/internal/ad/download.go:124 (*AD).fetch.func2() No assets directory with GPT.INI file found on AD, skipping assets download
ERRORgithub.com/ubuntu/adsys/cmd/adsysd/main.go:50 main.run() Error from server: error while updating policy: can't get policies for "LCXVDU22NPE4030": can't download all gpos and assets: one or more error while fetching GPOs and assets: can't download "0000000000cEntCtx-Ubuntu-Test": can't check if 0000000000cEntCtx-Ubuntu-Test needs refreshing: no GPT.INI file: cannot open smb://domain.com/SysVol/domain.com/Policies/{5B925A10-9572-4FB8-B9A0-DB2DFF9EF34B}/GPT.INI: invalid argument
Let me know if you want any additional information or want me to try anything. These are VMs so I can spin them back up quickly if I brick one.
I can do a cifs mount to the GPT.INI file and open it just fine but Adsys and Smbclient will fail out trying to hit those directly. I did notice smbclient works when using the -D flag....smbclient //example.com/sysvol -D "example.com/policies/{policy}" Without that flag (smbclient //example.com/sysvol/example.com/policies/{policy}) it comes back with tree connect failed: NT_STATUS_BAD_NETWORK_NAME Case matching doesn't seem to make a difference for me. I thought it was a client side configuration problem and have been tinkering with SMB.conf but I had not gotten anywhere.
regularuser@ LCXVDU22NPE4030 :~$ apt list --installed | grep adsys
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
adsys/jammy- updates, now 0.9.2~22.04.2 amd64 [installed] LCXVDU22NPE4030 :~$ apt list --installed | grep libsmbclient
regularuser@
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
libsmbclient/ jammy-security, now 2:4.15. 13+dfsg- 0ubuntu1. 5 amd64 [installed, automatic]
regularuser@ LCXVDU22NPE4030 :~$ sudo adsysctl update -m -vvv com/ubuntu/ adsys/internal/ config/ config. go:78 Init() Using configuration file: /etc/adsys.yaml com/ubuntu/ adsys/internal/ grpc/logconnect ions/logconnect ions.go: 27 StreamServerInt erceptor. func1() New request /service/ UpdatePolicy com/ubuntu/ adsys/internal/ grpc/logconnect ions/logconnect ions.go: 60 loggedServerStr eam.RecvMsg( ) Requesting with parameters: IsComputer: true, All: false, Target: LCXVDU22NPE4030, Krb5Cc: com/ubuntu/ adsys/internal/ ad/ad.go: 571 (*AD).Normalize TargetName( ) NormalizeTargetName for "LCXVDU22NPE4030", type "computer" com/ubuntu/ adsys/internal/ authorizer/ authorizer. go:111 Authorizer. IsAllowedFromCo ntext() Check if grpc request peer is authorized com/ubuntu/ adsys/internal/ authorizer/ authorizer. go:150 Authorizer. isAllowed( ) Authorized as being administrator com/ubuntu/ adsys/internal/ ad/ad.go: 225 (*AD).GetPolicies() GetPolicies for "LCXVDU22NPE4030", type "computer" com/ubuntu/ adsys/internal/ ad/ad.go: 293 (*AD).GetPolicies() Getting gpo list with arguments: "--objectclass computer ldap:// n060adkhdc121. domain. com LCXVDU22NPE4030" com/ubuntu/ adsys/internal/ ad/ad.go: 315 (*AD).GetPolicies() GPO "0000000000cEnt CTX-Ubuntu- Edge" for "LCXVDU22NPE4030" available at "smb:// domain. com/SysVol/ domain. com/Policies/ {F7E97A8D- 7DB1-4571- 956A-005D1658DC 35}" com/ubuntu/ adsys/internal/ ad/ad.go: 315 (*AD).GetPolicies() GPO "0000000000cEnt Ctx-Ubuntu- Test" for "LCXVDU22NPE4030" available at "smb:// domain. com/SysVol/ domain. com/Policies/ {5B925A10- 9572-4FB8- B9A0-DB2DFF9EF3 4B}" com/ubuntu/ adsys/internal/ ad/download. go:113 (*AD).fetch.func2() Analyzing "0000000000cEnt Ctx-Ubuntu- Test" com/ubuntu/ adsys/internal/ ad/download. go:113 (*AD).fetch.func2() Analyzing "0000000000cEnt CTX-Ubuntu- Edge" com/ubuntu/ adsys/internal/ ad/download. go:113 (*AD).fetch.func2() Analyzing "assets" com/ubuntu/ adsys/internal/ ad/download. go:124 (*AD).fetch.func2() No assets directory with GPT.INI file found on AD, skipping assets download com/ubuntu/ adsys/cmd/ adsysd/ main.go: 50 main.run() Error from server: error while updating policy: can't get policies for "LCXVDU22NPE4030": can't download all gpos and assets: one or more error while fetching GPOs and assets: can't download "0000000000cEnt Ctx-Ubuntu- Test": can't check if 0000000000cEntC tx-Ubuntu- Test needs refreshing: no GPT.INI file: cannot open smb://domain. com/SysVol/ domain. com/Policies/ {5B925A10- 9572-4FB8- B9A0-DB2DFF9EF3 4B}/GPT. INI: invalid argument
INFO github.
DEBUG Connecting as [[4492:009622]]
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
DEBUG github.
INFO github.
ERRORgithub.
Let me know if you want any additional information or want me to try anything. These are VMs so I can spin them back up quickly if I brick one.
I can do a cifs mount to the GPT.INI file and open it just fine but Adsys and Smbclient will fail out trying to hit those directly. I did notice smbclient works when using the -D flag....smbclient //example. com/sysvol -D "example. com/policies/ {policy} " Without that flag (smbclient //example. com/sysvol/ example. com/policies/ {policy} ) it comes back with tree connect failed: NT_STATUS_ BAD_NETWORK_ NAME Case matching doesn't seem to make a difference for me. I thought it was a client side configuration problem and have been tinkering with SMB.conf but I had not gotten anywhere.