[Samba] Re: domain admin --> problem with secrets.tdb
ajacoutot at lphp.org
Mon Sep 15 15:14:56 GMT 2003
Antoine Jacoutot wrote:
> All my users sambaPrimaryGroupSID are set to 513. Now, I added some
> users to the "domainadmins" group (with the memberUid attribute in LDAP)
> but they do not get admin priviledges on NT workstations...
> What am I missing here ?
> I also added "@domainadmins" to the "user admins" parameter in smb.conf,
> but it does not work.
OK, I found what was causing the problem. But it is not fine :(
Basically, I had some errors about samba not being able to connect to
ldap because it was not root. In fact, what happened is that some samba
functions didn't have the right to read secrets.tdb, so I chmod it to
644 and now everything works great... except that 644 for secrets.tdb in
NOT a fine setup.
I found some similar cases, googling, but all the bugzilla that were
reported about it are in state FIXED... so I don't quite understand why
I am seing this behaviour.
More information about the samba