[Samba] privileges in 3.11?
Gerald (Jerry) Carter
jerry at samba.org
Mon Feb 7 14:16:11 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dmitry Melekhov wrote:
| I found a reason.
| Problem is that I created tdbsam from smbpasswd
| using pdbedit. Now I tried to reproduce this and
| here is pdbedit output:
|
| Processing account root
| tdb_update_sam: Failing to store a SAM_ACCOUNT for [root] without a
| primary group RID
| pdb_getsampwent
|
| And then I can't modify or add root account with the same result:
|
| tdb_update_sam: Failing to store a SAM_ACCOUNT for [root] without a
| primary group RID
|
| This problem appears only if groupmap to unixgroup exists:
|
| ./net groupmap list
|
| Domain Admins (S-1-5-21-2314933419-357499204-1604414191-512) -> root
The problem is actually that Windows does not allow a user and
group to have the same name. You must assign a different display
name to group map entry.
This is strange though. I'll look into it some more.
| Then if I add groupmapping all works:
|
| [root at dm bin]# ./net groupmap modify
| sid=S-1-5-21-1953428550-3027608681-49554636-512 unixgroup=root
| Updated mapping entry for Domain Admins
| [root at dm bin]# ./net rpc rights grant 'TEST\dm' SePrintOperatorPrivilege
| Password:
| Successfully granted rights.
Thanks for the feedback.
cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back." Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCB3grIR7qMdg1EfYRAt1sAJ4i42y7L77l8lJsscUf/f8jF6zpoACg7Jkq
alziuwles1xVL46cOdzCciA=
=22Dj
-----END PGP SIGNATURE-----
More information about the samba
mailing list