[Samba] How to join a domain without using root?
Steve A
gmane at rowyerboat.com
Mon Jul 3 18:45:49 GMT 2006
This is part of a larger post that was maybe too complicated for me to get
the right answer, so I'm breaking it down and will do it bit by bit.
Server is Samba-3 PDC, clients are NT4 & XP.
I can join the domain using root credentials (so the add machine script
works), but not when using 'administrator'.
unixuser 'administrator' has primary unixgroup 'ntadmins'.
'ntadmins' is mapped to sambagroup 'Domain Admins'.
Samba 'administrator' has SID from <net getlocalsid>-500
I cannot join the domain using 'administrator' - I get error "The machine
account for this computer either does not exist or is anaccessible". But if
I change the unix uid/gid for 'administrator' - it works.
So...
1.
To clarify, does Samba automatically map usernames in smbpasswd to identical
unix usernames?
2.
I was referred to the 'net' command to map some NT rights to NT groups.
However, when I type 'net rpc rights list accounts' there are no domain
groups listed, only 'BUILTIN\...' groups. Is this correct? Because I would
like to add the SeMachineAccountPrivilege to the DOMAIN\Administrators group
(if that's the right way to solve my problem).
Many thanks,
Steve :)
More information about the samba
mailing list