[Samba] Problems with administrator account
L.P.H. van Belle
belle at bazuin.nl
Mon Aug 10 07:18:53 UTC 2015
Never give Administrator an uid. !
Thats asking for problems.
>-----Oorspronkelijk bericht-----
>Van: samba [mailto:samba-bounces at lists.samba.org] Namens buhorojo
>Verzonden: zaterdag 8 augustus 2015 20:51
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] Problems with administrator account
>
>
>On 07/08/15 17:45, dashi fico wrote:
>> Yes, LAN is the workgroup name.
>>
>> I made a test, i removed all the ACL with setfacl -b mysharename
>>
>> [root at fileserv]# getfacl share/
>> # file: share/
>> # owner: root
>> # group: root
>> user::rwx
>> group::rwx
>> other::---
>>
>> Going to Windows side and Added "Domain Admins" in permission tab to
>> read/modify/total
>>
>>
>> Security Tab is denied even for my others account in domain
>Admins group
>>
>> looking again with getfacl, the acl didnt get modified....
>>
>> So i add them manually :
>>
>> [root at fileserv]# setfacl -R -m g:Domain\ Admins:rwx share
>> [root at fileserv]# getfacl share
>> # file: share
>> # owner: root
>> # group: root
>> user::rwx
>> group::rwx
>> group:domain\040admins:rwx
>> mask::rwx
>> other::---
>>
>> And now i gain access to the security tab with my Account, i
>can browse the
>> share too.
>>
>> But if i go back with the Administrator Account to the ADUC,
>security is
>> denied and he can't access the share "Access denied"
>Hi
>The mapping alone doesn't work. Add a uidNumber and gidNumber to
>Administrator.
>HTH
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list