# Create a file system security descriptor
domain_sid = security.dom_sid(self.samdb.get_domain_sid())
- sddl = dsacl2fsacl(ds_sd, domain_sid)
- fs_sd = security.descriptor.from_sddl(sddl, domain_sid)
+ fs_sd = dsacl2fsacl(ds_sd, domain_sid, as_sddl=False)
+ fs_sd.type = security.SEC_DESC_SELF_RELATIVE
+ fs_sd.type |= security.SEC_DESC_DACL_PROTECTED
+ fs_sd.type |= security.SEC_DESC_DACL_AUTO_INHERITED
+ fs_sd.type |= security.SEC_DESC_DACL_AUTO_INHERIT_REQ
+ fs_sd.type |= security.SEC_DESC_SACL_AUTO_INHERITED
# Copy GPO directory
create_directory_hier(conn, sharepath)