[Samba] Few questions about members
L.P.H. van Belle
belle at bazuin.nl
Fri Jun 6 07:56:21 MDT 2014
forgot 2 things.
also change the ${SETNTDOM} to YOURDOMAIN
and kinit YourAdmin at REAL first.
>-----Oorspronkelijk bericht-----
>Van: belle at bazuin.nl [mailto:samba-bounces at lists.samba.org]
>Namens L.P.H. van Belle
>Verzonden: vrijdag 6 juni 2014 15:53
>Aan: samba at lists.samba.org
>CC: campbell at cnpapers.com
>Onderwerp: Re: [Samba] Few questions about members
>
>
>Did you set the privileges on the member server.
>
>here you have them.. if you get a denied when attempting to
>apply them.
>add the file /etc/samba/samba_usermapping
>!root = YOURDOMAIN\Administrator YOURDOMAIN\administrator
>
>If you Administrator is not "Administrator, then change that
>in the above line or add them also.
>
>and in smb.conf
> username map = /etc/samba/samba_usermapping
>
>reload samba
>and run :
>
>SETNTPASSWD="YourAdministratorPassword"
>
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeDiskOperatorPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeTakeOwnershipPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeBackupPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeRestorePrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeRemoteShutdownPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SePrintOperatorPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeAddUsersPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeDiskOperatorPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeSecurityPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeSystemtimePrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeShutdownPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeDebugPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeSystemEnvironmentPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeSystemProfilePrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeProfileSingleProcessPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeIncreaseBasePriorityPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeLoadDriverPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeCreatePagefilePrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeIncreaseQuotaPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeChangeNotifyPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeUndockPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeManageVolumePrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeImpersonatePrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeCreateGlobalPrivilege -UAdministrator
>echo ${SETNTPASSWD}| net rpc rights grant "${SETNTDOM}\Domain
>Admins" SeEnableDelegationPrivilege -UAdministrator
>
>Greetz,
>
>Louis
>
>
>
>>-----Oorspronkelijk bericht-----
>>Van: campbell at cnpapers.com
>>[mailto:samba-bounces at lists.samba.org] Namens Steve Campbell
>>Verzonden: vrijdag 6 juni 2014 15:09
>>Aan: samba at lists.samba.org
>>Onderwerp: Re: [Samba] Few questions about members
>>
>>
>>On 6/6/2014 8:47 AM, steve wrote:
>>> On Fri, 2014-06-06 at 08:35 -0400, Steve Campbell wrote:
>>>> On 6/5/2014 4:54 PM, steve wrote:
>>>>> On Thu, 2014-06-05 at 15:58 -0400, Steve Campbell wrote:
>>>>>
>>>>>>> /etc/hostname
>>>>>> No such file
>>>>> create it with:
>>>>> storage.ts.mystuff.com
>>>>>
>>>>> hostname -d
>>>>>
>>>>> Now try to read the shares.
>>>>>
>>>>>
>>>> Still no luck. Permission denied. Error code 5 in Microsoft
>>>> Administration tools.
>>>>
>>>> steve
>>> How are you accessing the shares? Is the ws also joined to
>>the domain?
>>> hostname -d
>>> ?
>>>
>>>
>>Yes the ws is in the domain. We're trying to use the Microsoft Active
>>Directory Manager for XP. We can see the member server in the
>>Users and
>>Computers. When we attempt to "manage" it, we're asked for a password
>>and then we get permission denied, error code 5.
>>
>>steve
>>--
>>To unsubscribe from this list go to the following URL and read the
>>instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list