[Samba] net rpc rights problem with groups

Dirk.Laurenz at fujitsu-siemens.com Dirk.Laurenz at fujitsu-siemens.com
Fri Sep 23 19:28:02 GMT 2005 

Hello Jerry,

here's the avtive group mapping:

hgest3201:~ # net groupmap list
Domain Admins (S-1-5-21-3768962547-785479325-491471131-512) -> Domain Admins
Domain Users (S-1-5-21-3768962547-785479325-491471131-513) -> Domain Users
Domain Guests (S-1-5-21-3768962547-785479325-491471131-514) -> Domain Guests
Domain Computers (S-1-5-21-3768962547-785479325-491471131-515) -> Domain Computers
Administrators (S-1-5-32-544) -> Administrators
Account Operators (S-1-5-32-548) -> Account Operators
Print Operators (S-1-5-32-550) -> Print Operators
Backup Operators (S-1-5-32-551) -> Backup Operators
Replicators (S-1-5-32-552) -> Replicators
wksadd (S-1-5-21-3768962547-785479325-491471131-10213) -> wksadd
Subversion Admins (S-1-5-21-3768962547-785479325-491471131-10198) -> Subversion Admins
GES_BT (S-1-5-21-3768962547-785479325-491471131-10199) -> GES_BT
GES_BT-SN (S-1-5-21-3768962547-785479325-491471131-10200) -> GES_BT-SN
schreiben (S-1-5-21-3768962547-785479325-491471131-3007) -> schreiben
zugriff (S-1-5-21-3768962547-785479325-491471131-3011) -> zugriff
efsefewf (S-1-5-21-3768962547-785479325-491471131-10219) -> efsefewf
fcvxcvxcvxcvxcv (S-1-5-21-3768962547-785479325-491471131-10223) -> fcvxcvxcvxcvxcv
f2 (S-1-5-21-3768962547-785479325-491471131-10224) -> f2

hgest3201:~ # getent group | grep wksadd
wksadd:x:10213:laurenz.d,mathias

Mit freundlichem Gruß,



Dirk Laurenz
Systems Engineer	

Fujitsu Siemens Computers
S CE DE SE PS N/O
Sales Central Europe Deutschland 
Professional Service Nord / Ost

Hildesheimer Strasse 25
30880 Laatzen
Germany

Telephone:	+49 (511) 84 89 - 18 08
Telefax:	+49 (511) 84 89 - 25 18 08
Mobile:	+49 (170) 22 10 781
Email:	mailto:dirk.laurenz at fujitsu-siemens.com
Internet:	http://www.fujitsu-siemens.com
            http://www.fujitsu-siemens.de/services/index.html
*******************************************************************************************************************
  

-|  -----Original Message-----
-|  From: Gerald (Jerry) Carter [mailto:jerry at samba.org] 
-|  Sent: Friday, September 23, 2005 3:04 PM
-|  To: Oeltze, Benjamin
-|  Cc: samba at lists.samba.org; Laurenz, Dirk
-|  Subject: Re: [Samba] net rpc rights problem with groups
-|  
-|  -----BEGIN PGP SIGNED MESSAGE-----
-|  Hash: SHA1
-|  
-|  Benjamin.Oeltze at fujitsu-siemens.com wrote:
-|  
-|  | net rpc rights grant "TOPTEST\toptest.r" \
-|  |   SeMachineAccountPrivilege -U domainadmin
-|  |
-|  | net rpc rights shows:
-|  | hgest3201:~ # net rpc rights list accounts -Udomainadmin
-|  | Password:
-|  | TOPTEST\toptest.r
-|  | SeMachineAccountPrivilege
-|  |
-|  | The user can join workstations to TOPTEST.
-|  | But when I create a group named wksadd and grant
-|  | SeMachineAccountPrivilege to the group the users
-|  | of this group cant join workstations.
-|  |
-|  | net help rpc rights grant "TOPTEST\wksadd" \
-|  |   SeMachineAccountPrivilege -U domainadmin
-|  |
-|  | hgest3201:~ # net rpc rights list accounts -Udomainadmin
-|  | Password:
-|  | TOPTEST\wksadd
-|  | SeMachineAccountPrivilege
-|  |
-|  | Is this a bug ??
-|  
-|  Works fine here.  What group mapping do  have setup
-|  for TOPTEST\wksadd?
-|  
-|  
-|  
-|  
-|  
-|  
-|  cheers, jerry
-|  -----BEGIN PGP SIGNATURE-----
-|  Version: GnuPG v1.4.0 (GNU/Linux)
-|  Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-|  
-|  iD8DBQFDM/07IR7qMdg1EfYRAoQLAJ99Dn7FilutE7/M7dmnbcznvuXDbACgiya3
-|  tjlCiMVQ0OWJgVThsPLNBeI=
-|  =DQYM
-|  -----END PGP SIGNATURE-----
-|

More information about the samba mailing list