[Samba] can't open/create local group with usrmgr
yaya
MaceWinX at HotPOP.com
Wed Oct 26 08:59:07 GMT 2005
Yes, I 'enable privileges = yes' in smb.conf.
[root at server-1 sbin]# ./smbldap-usermod -G +512 yaya
User "yaya" already member of the group "512".
..but....
[root at server-1 sbin]# ldapsearch -x -D
cn=Manager,dc=sma,dc=al-izhar-jkt,dc=sch,dc=id -W uid=yaya
...cutted....
gidNumber: 513
sambaPrimaryGroupSID: S-1-5-21-2567078096-2875653774-645762936-513
...cutted....
Should I set the 'gidNumber: 512 and the 'sambaPrimaryGroupSID:
S-1-5-21-2567078096-2875653774-645762936-512' too?
[root at server-1 sbin]# net rpc rights list accounts
Password:
..cutted..
SMA\Domain Admins
SeMachineAccountPrivilege
SeRemoteShutdownPrivilege
SePrintOperatorPrivilege
SeAddUsersPrivilege
SeDiskOperatorPrivilege
..cutted..
TiA,
yaya
----- Original Message -----
From: "Jerome Tournier" <jerome.tournier at idealx.com>
To: <samba at lists.samba.org>
Sent: Wednesday, October 26, 2005 2:32 PM
Subject: Re: [Samba] can't open/create local group with usrmgr
Le Wed, Oct 26, 2005 at 12:30:06PM +0700, yaya a ecrit:
> When I do it as root, the usrmgr message:
> The following error occured creating the local group Staffs:
> Access is denied.
> I installed Samba with ldap backend and applying IDEALX. I need to
> create/manage users and groups with usrmgr.
Did you tried setting priviledge to the "Domain Admins" group (for example),
and then tried to use a member of this group ?
. smbldap-usermod -G +512 adminuser
. "enable privileges = yes" in smb.conf
. net -U root%XXX rpc rights grant 'SMB-DOM\Domain Admins'
SeMachineAccountPrivilege
--
Jérôme
More information about the samba
mailing list