[Samba] Samba4 as AD member & local rights problem...

Thomas Besser thomas.besser at kit.edu
Thu Sep 19 08:27:09 MDT 2013

Hi all,

have a samba4 server as AD member (security =ADS). I have no account 
with "Domain Admin" rights, only a normal account with delegated 
privilege to managing GPO and for domain join.

I can not manage the printserver resp. upload the win drivers. The 
smb.conf option 'printer admin' is gone with v4.

I asked already in irc on #samba and got the advice to "make any user 
member of the local administrators group", but got stuck how to do this.

Also I tried to grant the SePrintOperatorPrivilege to a normal domain 
user. Got also stuck.

Every time the net command wants the 'root' password, but root is 
unknown in the AD environment:

net rpc group addmem "SAMBASERVER\Administrators"
Enter root's password:
Could not connect to server
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE

Any hints what I'm doing wrong? Somebody out there who solved this 
problem with samba4?

I don't want to switch back to samba3 to get the 'printer admin' 
configuration option.


More information about the samba mailing list