No subject
Sun Sep 6 16:29:27 MDT 2009
SA_RIGHT_USER_ACCT_FLAGS_EXPIRY, which I am in the process of trying
to find out the semantics of. The source code apparently makes no
reference to it in any way to elucidate its meaning.
At this point I don't have much insight, the involved flags are things such=
as
#define SA_RIGHT_USER_ACCT_FLAGS_EXPIRY 0x00000010
#define SA_RIGHT_USER_SET_ATTRIBUTES 0x00000020
#define SA_RIGHT_USER_CHANGE_PASSWORD 0x00000040
#define SA_RIGHT_USER_SET_PASSWORD 0x00000080
and the granted security of 0xd04e4 seems unrelated and invariant with
any of the permissions exposed to the user (SeMachineAccountPrivilege,
etc.).
On Thu, Oct 1, 2009 at 1:06 PM, Nick Pappin <npappin at latahfcu.org> wrote:
> On Tue, Sep 29, 2009 at 5:04 PM, m <maglyx at gmail.com> wrote:
>>
>> I am pulling my hair out trying to figure out why trying to rename my
>> computer joined to a Samba domain (version 3.2.3) keeps failing with
>> "Access is Denied". In searching I found references to people with the
>> same problem where the answer was to set the "rename user script"
>> option in smb.conf, but I have done that (not forgetting to restart
>> Samba) and there is no difference, still the same error.
>>
>> My account permissions are set (making my account a member of a group
>> mapped to the Administrators group, as well as individually
>> individually granting =A0SeMachineAccountPrivilege and
>> SeAddUsersPrivilege). I added the same machine to the domain through
>> the Windows GUI and I can successfully issue a rename from the Samba
>> server-side, as in
>> =A0$ net rpc user rename fog$ hog$
>> =A0Enter m's password:
>> =A0Renamed user from fog$ to hog$
>> but attempting via the Windows GUI, System Properties|Computer
>> Name|Change... keeps failing with the "Access Is Denied" message box.
>>
>> Any clue what else could be missing or how to diagnose. I tried "log
>> level =3D 3" but found the output to be virtually indecipherable, no
>> obvious way to correlate any output with the rename operation in
>> question.
>>
>> To be sure, my rename user scipt line is
>> =A0rename user script =3D /usr/sbin/usermod --login=3D'%unew' '%uold'
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: =A0https://lists.samba.org/mailman/options/samba
>
> Are you still having the problem? If so can you try to do a rename from M=
y
> Computer -> Properties and pastebin the /var/log/samba/log.smbd file for =
the
> five minutes around when you do it. And can you pastebin your smb.conf.
>
> Nick
>
More information about the samba
mailing list