When trying to apply a Group Policy to a UNIX client the following error is displayed and the group policy is not applied:
CIFS error unable to log on to \\domainname\sysvol\domainname\GPOid\gpo.ini. Unable to connect to any domain controller. NT_connect refused
This is caused by VGP not being able to connect to the domain controller to get the Group Policy Object
Group Policies are copied to clients using CIFS (Common Internet File System), which uses port 445
1 - Confirm that there are no firewalls between the client and the domain controller that is issuing the Group Policy Objects.
2 - Check to make sure there is no local fire wall enabled on either the DC or VAS client.
3 - Port 445 can also be disabled on the DC using the following registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\SmbDeviceEnabled
1 = enable
0 = disable
Make sure this is not disabled
4 - Test port 445 communication from the client:
telnet 445
5 - Check the version of SMB enabled. In QAS 4.1.3 and up SMB2 used by default. QAS 4.1.0-4.1.2 uses SMB1 by default. Windows Server 2012 has SMB2 enabled by default.
For more information please read How Authentication Services Group Policy works and tips for troubleshooting (135145)
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center