[Samba] net rpc SeDiskOperatorPrivilege failing for domain user

suresh.kandukuru at emc.com suresh.kandukuru at emc.com
Thu Sep 23 07:26:58 MDT 2010


Dear experts,
  I am having following problem on samba server side . please help me .

1) our device is running with samba server , in order to  allow Microsoft windows mmc  to change samba share permissions I am giving  SeDiskOperatorPrivilege  ( net rpc  rights  grant  admin SeDiskOperatorPrivilege) privilege to samba users.
This is working fine as  long as our device is in standalone work group mode.

2) it is giving the  below problem  when we move the device to some domain. I am  logging into device with domain administrator account  I know its password.
----------------
root at storage-2:/usr/local/samba/bin# ./net -U administrator -W emcsoho.local rpc rights  grant administrator
 SeDiskOperatorPrivilege


Enter administrator's password:
Successfully granted rights.
------------

for another domain user "users1"  it is failing with error NT_STATUS_ACCESS_DENIED.
--------
root at storage-2:/usr/local/samba/bin# ./net -U administrator -W emcsoho.local rpc rights  grant users1 SeDiskOperatorPrivilege
Enter administrator's password:
\Failed to grant privileges for users1 (NT_STATUS_ACCESS_DENIED)
-----------

The above command Is working fine when I use the net command with "users1" account
---------
root at storage-2:/usr/local/samba/bin# ./net -U users1 -W emcsoho.local rpc rights  grant users1 SeDiskOperatorPrivilege
Enter users1's password:
Successfully granted rights.
-------
The problem is my device does not know the domain users passwords. how to handle this situation?. How to give SeDiskOperatorPrivilege  priviliege for the domain users  from the device with domain administrator account.

Thanks
Suresh


More information about the samba mailing list