[Samba] rpc command function failed! (NT_STATUS_ACCESS_DENIED)
trying to grant privileges - 3.0.23a
Paul Griffith
paulg at cs.yorku.ca
Tue Jul 25 19:40:11 GMT 2006
On Tue, Jul 25, 2006 at 12:37:43PM -0500, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Paul Griffith wrote:
> > Greetings,
> >
> > I am in the process of testing Samba 3.0.23a with our own passdb
> > plugin.
> ...
> > $ net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech'
> > SeMachineAccountPrivilege
> ...
> > Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED)
> > rpc command function failed! (NT_STATUS_ACCESS_DENIED)
> > return code = 1
> > -----
> >
> > What could be causing this error? The only thing that
> > catches my eyes is the following....
> ...
> > lsa_io_sec_qos: length c does not match size 8
>
> I think you need to look at the server logs and not the
> client logs to debug this. I'm pretty sure this error message
> is not the problem though.
>
>
>
>
>
> cheers, jerry
> =====================================================================
I wonder if this is the cause of my problem. I see Samba is trying to
see if the group exists with a getsampwnam() call, but a check of
3.0.20a shows the same behaviour, and the same results (user does not
exist), but I can still assign rights.
Does 3.0.23a need a successfult lookup of a group name to assign
rights?
[2006/07/25 15:07:11, 5] pdb_udb.c:pdb_udb_getsampwnam(540)
pdb_udb_getsampwnam: search by name: [tech]
[2006/07/25 15:07:11, 5] pdb_udb.c:pdb_udb_getsampwnam(575)
pdb_udb_getsampwnam: search key: [tech:user]
[2006/07/25 15:07:11, 2] pdb_udb.c:udb_cmd(133)
udb_cmd: sending: udb get tech:user name
[2006/07/25 15:07:11, 2] pdb_udb.c:udb_cmd(144)
udb_cmd: result: error record tech:user does not exist
[2006/07/25 15:07:11, 0] pdb_udb.c:udb_to_sam(314)
udb_to_sam: record [tech:user] does not exist
[2006/07/25 15:07:11, 5] pdb_udb.c:pdb_udb_getsampwnam(580)
pdb_udb_getsampwnam: unable to locate user [tech]
Thanks
Paul
More information about the samba
mailing list