[Samba] Permission Denied

Rowland penny rpenny at samba.org
Mon Dec 7 19:54:27 UTC 2015

On 07/12/15 19:42, Ole Traupe wrote:
>>> If I do this (rely on the user map file containing "!root = 
>>> BPN\Administrator BPN\administrator"), should I expect "id 
>>> Administrator" to give anything?
>>> Ole
>> Only a Samba AD DC, you will not get anything from 'getent 
>> Administrator' on a Unix domain member, but remember, with the user 
>> map 'Administrator' becomes 'root' :-)
> Yes, and I can manage share permissions via ADUC due to the user mapping.
> But on the DCs I still get "No such user" (although I don't have any 
> appearent problem).
> Ole

Have you changed anything on the DCs ? Are the winbind nss links in 
place ? (not sure if this makes any difference, but I always create them)

if I run 'id Administrator', I get:

uid=0(root) gid=100(users) 
groups=0(root),100(users),3000004(SAMdom\Group Policy Creator 
Owners),3000006(SAMDOM\Enterprise Admins),3000008(SAMDOM\Domain 
Admins),3000007(SAMDOM\Schema Admins)

'getent password Administrator' returns:



More information about the samba mailing list