[Samba] Why would "net rpc rights grant" fail ?
Rowland Penny
rowlandpenny at googlemail.com
Mon Apr 14 09:45:50 MDT 2014
On 14/04/14 16:35, Koenraad Lelong wrote:
> op 14-04-14 17:06, Rowland Penny schreef:
> ...
>>
>> I take it you did this for the classicupgrade and that they are no where
>> near /var/lib/samba ?
>>
> No, the temp-directory was : /home/administrator/samba
> This is the command, run from /home/administrator :
> samba-tool domain classicupgrade --use-xattrs=yes
> --realm=AD01.ACE-ELECTRONICS.BE --dns-backend=BIND9_DLZ --dbdir=samba
> samba/smb.conf
Cannot see any problems there ;-)
>
>>
>>>>
>>>> From what you have written, I think that you are trying to do all
>>>> this
>>>> on the new samba4 AD server, is this correct ?
>>>>
>>>
>>> Yes, it's on the new samba4 server.
>>>
>>
>> Well, all things being well, it should just work, but at the moment, it
>> is not recommended to use the Samba 4 server as a file server and I
>> believe that you do not need to run the privilige granting commands on
>> the samba4 server.
>>
>> If you install ldb-tools (this is on debian, it might be different on
>> your OS) and then run this command:
>>
>> ldbsearch -H /var/lib/samba/private/sam.ldb -b DC=example,DC=com -s sub
>> "(objectclass=*)" > /root/samba4.ldif
>>
>
> I dumped it and will study the contents, but are "samba-tool user
> list" and "samba-tool group list" using the same database ? That I
> already studied and all users and groups are there, although there are
> no group-memberships. According to the wiki this is expected.
>
Yes, the commands just run a search of AD for users or groups and dump
the results, I can understand why there are no group-memberships, on AD
there is just one way of setting these, but with ldap etc, there are
several ways.
Rowland
>>>
>> Either should work, but localhost should always be 127.0.0.1 and I
>> didn't know your servers ip ;-)
>
> That's a relief ;-)
>
> Thanks,
>
> Koenraad.
>
More information about the samba
mailing list