[Samba] Few questions about members
L.P.H. van Belle
belle at bazuin.nl
Fri Jun 6 07:52:51 MDT 2014
Did you set the privileges on the member server.
here you have them.. if you get a denied when attempting to apply them.
add the file /etc/samba/samba_usermapping
!root = YOURDOMAIN\Administrator YOURDOMAIN\administrator
If you Administrator is not "Administrator, then change that in the above line or add them also.
and in smb.conf
username map = /etc/samba/samba_usermapping
reload samba
and run :
SETNTPASSWD="YourAdministratorPassword"
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeDiskOperatorPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeTakeOwnershipPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeBackupPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeRestorePrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeRemoteShutdownPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SePrintOperatorPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeAddUsersPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeDiskOperatorPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeSecurityPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeSystemtimePrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeShutdownPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeDebugPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeSystemEnvironmentPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeSystemProfilePrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeProfileSingleProcessPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeIncreaseBasePriorityPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeLoadDriverPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeCreatePagefilePrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeIncreaseQuotaPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeChangeNotifyPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeUndockPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeManageVolumePrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeImpersonatePrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeCreateGlobalPrivilege -UAdministrator
echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain Admins" SeEnableDelegationPrivilege -UAdministrator
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: campbell at cnpapers.com
>[mailto:samba-bounces at lists.samba.org] Namens Steve Campbell
>Verzonden: vrijdag 6 juni 2014 15:09
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Few questions about members
>
>
>On 6/6/2014 8:47 AM, steve wrote:
>> On Fri, 2014-06-06 at 08:35 -0400, Steve Campbell wrote:
>>> On 6/5/2014 4:54 PM, steve wrote:
>>>> On Thu, 2014-06-05 at 15:58 -0400, Steve Campbell wrote:
>>>>
>>>>>> /etc/hostname
>>>>> No such file
>>>> create it with:
>>>> storage.ts.mystuff.com
>>>>
>>>> hostname -d
>>>>
>>>> Now try to read the shares.
>>>>
>>>>
>>> Still no luck. Permission denied. Error code 5 in Microsoft
>>> Administration tools.
>>>
>>> steve
>> How are you accessing the shares? Is the ws also joined to
>the domain?
>> hostname -d
>> ?
>>
>>
>Yes the ws is in the domain. We're trying to use the Microsoft Active
>Directory Manager for XP. We can see the member server in the
>Users and
>Computers. When we attempt to "manage" it, we're asked for a password
>and then we get permission denied, error code 5.
>
>steve
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list