[Samba] Fwd: net rpc rights grant fail to connect 127.0.0.1

Douglas G. Oechsler doguibnu at gmail.com
Wed Jul 15 13:27:09 UTC 2020 

Hello!

I really do not know what to do. Still in error. I did step by step ad-dc
and AD Member file server.
Any other idea please?

username map - check

Command from AD Member:

Error:
net rpc rights grant "MYDOMAIN\Unix Admins" SeDiskOperatorPrivilege -U
"MYDOMAIN\Administrator"
Enter MYDOMAIN\Administrator's password:
Could not connect to server 127.0.0.1

 testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER

Member AD smb.conf

# Global parameters
[global]
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
log file = /var/log/samba/%m.log
realm = AD.MYDOMAIN.BR
security = ADS
template homedir = /home/%U
template shell = /bin/bash
username map = /etc/samba/etc/user.map
winbind refresh tickets = Yes
winbind use default domain = Yes
workgroup = MYDOMAIN
idmap config mydomain:unix_primary_group = yes
idmap config mydomain:unix_nss_info = yes
idmap config mydomain:range = 10000-999999
idmap config mydomain:schema_mode = rfc2307
idmap config mydomain:backend = ad
idmap config * : range = 3000-7999
idmap config * : backend = tdb
map acl inherit = Yes
vfs objects = acl_xattr

Thanks attention



Em ter., 14 de jul. de 2020 às 10:39, Rowland penny via samba <
samba at lists.samba.org> escreveu:

> On 14/07/2020 14:08, Douglas G. Oechsler wrote:
> > Hello Friends!
> >
> > I start from zero again to configure ad-dc and ad member file server.
> > In ad-dc way seems all working well
> >
> > In *ad member file server *maybe I did wrong configuration. Checking
> > now, I add symbolic link of *libnss_winbind*. But, symbolic link it is
> > only for Samba compiled. I did not compile samba, I use the samba
> > package from distro.
> > Can be this affecting the command: *net rpc right?*
>
> Ah, the old 'problem between keyboard and chair' bug ;-)
>
> Or to put it another way, yes
>
> Rowland
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


-- 
*Douglas Giovani Oechsler*
e-mail: doguibnu at gmail.com <douglasgiovani at oechsler.com.br>
*Prudentópolis - PR*



-- 
*Douglas Giovani Oechsler*
e-mail: doguibnu at gmail.com <douglasgiovani at oechsler.com.br>
*Prudentópolis - PR*

More information about the samba mailing list