[Samba] net rpc SeDiskOperatorPrivilege failing for domain user
Andrew Bartlett
abartlet at samba.org
Thu Sep 23 23:05:53 MDT 2010
On Thu, 2010-09-23 at 09:26 -0400, suresh.kandukuru at emc.com wrote:
> Dear experts,
> I am having following problem on samba server side . please help me .
>
> 1) our device is running with samba server , in order to allow Microsoft windows mmc to change samba share permissions I am giving SeDiskOperatorPrivilege ( net rpc rights grant admin SeDiskOperatorPrivilege) privilege to samba users.
> This is working fine as long as our device is in standalone work group mode.
> -------
> The problem is my device does not know the domain users passwords. how to handle this situation?. How to give SeDiskOperatorPrivilege priviliege for the domain users from the device with domain administrator account.
You need to grant the rights to the builtin administrators group. If
everything is set up properly (and this may depend a little on what
version you Samba you are running, and if you use winbind etc), when the
domain admins log in to Samba, it will see that they are in the domain
administrators group and add it to the builtin administrators group.
You don't need to do this with 'net rpc' if you have access to the local
box - just use 'net sam rights'.
I hope this helps,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba/attachments/20100924/57983fde/attachment.pgp>
More information about the samba
mailing list