[Samba] Re: Users that can add computers to Domain

beast beast at ldap.or.id
Sat Dec 2 05:49:24 GMT 2006

timothy johnson wrote:
> Oh, this is the error I get in windows:
> Logon Failure: unknown user name or bad password.
> But this same user can logon, and gets admin rights when they do logon.
> On 12/1/06, timothy johnson <mr2bigjohnson at gmail.com> wrote:
>> What does samba look for when a user trys to add a computer to the 
>> domain?
>> I have tried everything I can think of. Putting the user in different
>> groups, set the users primary group to different groups. Nothing has 
>> come of
>> this. I have every else in samba working right now, except printers, but
>> since I havent tried that, nor do I know how I can benefit from using 
>> samba
>> for printing. Anyways any help in the right direction would help.

Add this to smb.conf:

   enable privileges = yes

and then run this on every DC:

   net rpc rights grant 'NTDOMAIN\myuser' SeMachineAccountPrivilege -U 


More information about the samba mailing list