[Samba] Joining samba to AD domain with a non-admin user
qzhou at isilon.com
Fri Jul 18 00:12:46 GMT 2003
I need help to resolve this issue.
I saw that Andrew put a patch by Antti to enable users without full admin
access to join samba into an AD domain. I am playing with it and always get
"Insufficient access". Using the same user, I can join a Windows box into
the domain just fine. The user is a member of "domain users", but not
"domain admins". I can use a user in "domain admins" to join the AD domain
fine too. I tried with beta3, and it's the same as alpha24 and alpha21 (a21
did not have Antti's patch).
So my question is, is this supported, or broken, or am I using it wrong? The
failure happens during ldap_add_s called from ads_add_machine_acct(). I do
kinit before the "net ads join" command. However I haven't found where the
kerberos ticket was used before the failure although the ticket does make a
More information about the samba