[Samba] SAMBA Login and Unrelated Failures

Jason A. Nunnelley jason at jasonn.com
Fri Aug 1 07:26:54 GMT 2008 

I'm having trouble with the access:

net -S localhost -U% rpc rights list accounts

BUILTIN\Administrators
SeMachineAccountPrivilege
SeTakeOwnershipPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeRemoteShutdownPrivilege
SePrintOperatorPrivilege
SeAddUsersPrivilege
SeDiskOperatorPrivilege

So, there's several features available to the build in Administrators group.

Are you saying this line in the smb.conf adds that status to a given user:

admin users = myuser

as in:

admin users = bobtheadminguy


tail -f /var/log/samba/log.wb-BUILTIN
[2008/08/01 01:43:00, 1] nsswitch/winbindd_util.c:trustdom_recv(230)
   Could not receive trustdoms
[2008/08/01 01:54:39, 0] 
nsswitch/winbindd_dual.c:async_request_timeout_handler(181)
   async_request_timeout_handler: child pid 4520 is not responding. 
Closing connection to it.
[2008/08/01 01:54:39, 1] nsswitch/winbindd_util.c:trustdom_recv(230)
   Could not receive trustdoms
[2008/08/01 02:16:31, 0] 
nsswitch/winbindd_dual.c:async_request_timeout_handler(181)
   async_request_timeout_handler: child pid 4766 is not responding. 
Closing connection to it.
[2008/08/01 02:16:31, 1] nsswitch/winbindd_util.c:trustdom_recv(230)
   Could not receive trustdoms

Upon deeper investigation, I'm seeing other errors.

Here's it appears I've got a failure in winbind.  I don't know what it's 
complaining about specifically, but obviously something isn't configured 
correctly.

Here's my config:

[global]
workgroup = MYGROUP
server string = Samba Server
netbios name = THEBOX
security = user
hosts allow = 192.168.1. 192.168.2. 127. 10.10.10.
log file = /var/log/samba/log.%m
max log size = 50
passdb backend = tdbsam
local master = yes
os level = 65
domain master = yes
preferred master = yes
domain logons = yes
wins support = yes
hide unreadable = yes
hide dot files = yes
; dns proxy = no
nt acl support = yes
inherit acls = yes
;    map acl inherit = yes
; enable privileges = yes
admin users = adminuser

Opinions welcome.


Right now, I can't seem to add a system as a "trusted machine," and it 
gives me the error that it can't find the name.  I assume this meant the 
user name I added on the line [admin users = adminuser].  Windows XP Pro 
just waits a bit and says it can't find the user -- like the user I've 
logged in with doesn't exist.  BTW, as long as I'm not trying to add the 
machine to the domain, I can view the share through Network Neiborhood. 
  It even asks for a u/p and logs me in.  I've not yet been able to test 
adding/removing files.

-- 


Jason A. Nunnelley
JasonN.com is my website - all opinions expressed were mine at some point.

More information about the samba mailing list