DSfW: Recreate Default GPO objects

Document ID:7014599
Creation Date:20-Feb-2014
Modified Date:20-Feb-2014
- Micro Focus Products:
  eDirectory
  Open Enterprise Server
- SUSE Products:
  SUSE Linux Enterprise Server

Environment

Open Enterprise Server 11 SP2 (OES11SP2)

Domain Services for Windows

DSfW

Situation

The Default GPO is missing.

The Default GPO is not displayed in the Group Policy Management Console

The Default GPO objects are missing from under the CN=Policies,CN=System,o=yourcontainer

The sysvol has the {31B2F340-016D-11D2-945F-00C04FB984F9} directory

The {31B2F340-016D-11D2-945F-00C04FB984F9} is the default GPO GUID which should be a directory in the /var/opt/novell/xad/sysvol/domain/Policies

Resolution

Create a ldif called default-gpo.ldif changing the domain name and context listed in bold

In this example the container where the domain is mapped is o=novell

The domain name is novell.com

use ldap modify to apply the changes.

DSfW server example

export LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf

/usr/bin/ldapmodify -Y EXTERNAL -f default-gpo.ldif

eDirectory secure version

/usr/bin/ldapmodify -x -H ldaps:// -D cn=admin,o=novell -W -f default-gpo.ldif

Specifying another eDirectory server

/usr/bin/ldapmodify -x -H ldaps://192.168.0.29 -D cn=admin,o=novell -W -f default-gpo.ldif

For unsure connection remove the s as in this example

/usr/bin/ldapmodify -x -H ldap://192.168.0.29 -D cn=admin,o=novell -W -f default-gpo.ldif

Here is the content for the ldif, again, replace the names in bold with the container and domain name

dn: CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,o=novell

changetype: add

objectClass: groupPolicyContainer

showInAdvancedViewOnly: TRUE

displayName: Default Domain Policy

gPCFileSysPath: \\novell.com\sysvol\novell.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}

gPCFunctionalityVersion: 2

gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}]

gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}]

versionNumber: 65541

flags: 0

isCriticalSystemObject: TRUE

systemFlags: 2348810240

dn: CN=User,CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,o=novell

changetype: add

objectClass: Container

showInAdvancedViewOnly: TRUE

isCriticalSystemObject: TRUE

systemFlags: 2348810240

Create the

dn: CN=Machine,CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,o=novell

changetype: add

objectClass: Container

showInAdvancedViewOnly: TRUE

isCriticalSystemObject: TRUE

systemFlags: 2348810240