[Samba] Failed to set servicePrincipalNames 3.023rc3
Gerald (Jerry) Carter
jerry at samba.org
Mon Jul 3 14:42:19 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Henrik Zagerholm wrote:
> Just got a little curious on the "non-admin" part.
> I used the domain bultin Administrator account to join
> the domain. I know this account is member of both
> domain admin and enterprise admins.
> BTW Does this account need to set Primary Group to
> Domain Admins for it to work with Samba? MS States
> that you don't need to set the primary group if you
> don't use Macintosh or other POSIX clients... so maybe
> this one need to be set to Domain Admins? (It is
> Domain Users now..)
No. We don't worry about primary group membership.
The authorization check is done by AD anyways.
If you have ADSIedit installed, check the security
permissions for that account on the machine object.
I would expect the failure if you are restricted to
'validated writes' to dNSHostName and servicePrincipalName.
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba