[Samba] Joining a domain with a non-administrator account

David Sonenberg dsonenberg at strozllc.com
Tue Feb 8 16:13:40 GMT 2005


I'm trying to set it up so I can join the domain with a regular user 
that is part of the domain admin group.  I have a user dsonenberg that 
is in the domain admin group(512), but I can't join the domain with that 
account.  For the record I can login with that account and Administrator 
can join the domain.  The PDC has an LDAP backend.  Here's the log.

2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.
[2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.
[2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511)
  init_sam_from_ldap: Entry found for user: dsonenberg
[2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011)
  init_group_from_ldap: Entry found for group: 512
[2005/02/08 10:26:25, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [dsonenberg] -> 
[dsonenberg] -> [dsonenberg] succeeded
[2005/02/08 10:26:25, 2] smbd/server.c:exit_server(571)
  Closing connections
[2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.
[2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would close 
all old resources.
[2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511)
  init_sam_from_ldap: Entry found for user: dsonenberg
[2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011)
  init_group_from_ldap: Entry found for group: 512
[2005/02/08 10:26:26, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [dsonenberg] -> 
[dsonenberg] -> [dsonenberg] succeeded
[2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
  Returning domain sid for domain STROZLLC -> 
S-1-5-21-1001378032-4272845324-1772824492
[2005/02/08 10:26:26, 2] 
rpc_server/srv_samr_nt.c:access_check_samr_object(93)
  _samr_open_domain: ACCESS DENIED  (requested: 0x00000211)
[2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
  Returning domain sid for domain STROZLLC -> 
S-1-5-21-1001378032-4272845324-1772824492
[2005/02/08 10:26:26, 2] 
rpc_server/srv_samr_nt.c:access_check_samr_function(115)
  _samr_create_user: ACCESS DENIED (granted: 0x00000201;  required: 
0x00000010)
[2005/02/08 10:26:26, 2] smbd/server.c:exit_server(571)
  Closing connections

-- 
David Sonenberg
Systems / Network Administrator
Stroz Friedberg, LLC
15 Maiden Lane
15th Floor
New York, NY 10038
212.981.6527 (o) | 917.495.4918 (c)



More information about the samba mailing list