[Samba] Can't create users with RSAT - "An error occurred. Contact you system administrator"

Andreas Hauffe andreas.hauffe at tu-dresden.de
Mon Feb 2 13:00:16 MST 2015 

Am Montag, 2. Februar 2015, 17:44:53 schrieb Marc Muehlfeld:
> Hello Andreas,
> 
> Am 02.02.2015 um 13:00 schrieb Andreas Hauffe:
> > I set up a new AD with the Sernet Samba 4.1 packages. I did the
> > provisioning with "samba-tool domain provision --use-rfc2307
> > --interactive". I checked the dc, ldap, kerberos and dns services under
> > linux. Everything seems to work fine.
> > 
> > Then I join a Windows 8.1 Enterprise running in as VM to the domain and
> > login as administrator of the domain. When I install the RSAT and try to
> > create a domain user I'm getting the error "An error occurred. Contact
> > you system administrator". But I'm able to create groups and OUs.
> > Under Linux the user creating is working. If I set the UNIX attributes for
> > the group, I'm getting the hint "Execution denied" (translated from
> > German).
> I tried it in my test environment (4.1.16 self-compiled) from ADUC on
> W8.1: Works without problems. Which account do you use to create the new
> user and in which container? The Domain Admin has all required
> permissions, of course.
> 
> 
> What does the Samba logfile says in the moment you receive the error?
> Maybe you have to increase the log level.
> 
> 
> Regards,
> Marc

Hello,

at first thanks for your answer. I tried exactly the same with a WIndows 7 
Professional and it is working without any problem. So perhaps it's not a 
samba or DC problem. But it seems that I'm not the only one 
http://wiki.snet.at/samba_4_rsat

I did everything on a clean Active Directory with no extra users. So I used 
the administrator account and tried to create the users. I tried to create the 
new users in the "Users" container and inside newly created containers.


smb.conf 

[global]
        workgroup = ILR
        realm = ILR.MW.TU-DRESDEN.DE
        netbios name = MLRDC1
        server role = active directory domain controller
        dns forwarder = 141.30.66.135
        idmap_ldb:use rfc2307 = yes

[netlogon]
        path = /var/lib/samba/sysvol/ilr.mw.tu-dresden.de/scripts
        read only = No

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

krb5.conf

[libdefaults]
        default_realm = ILR.MW.TU-DRESDEN.DE
        dns_lookup_realm = false
        dns_lookup_kdc = true

interfaces

allow-hotplug eth0                                                                                                                                                               
iface eth0 inet static                                                                                                                                                           
        address 141.30.156.32                                                                                                                                                    
        netmask 255.255.255.0                                                                                                                                                    
        network 141.30.156.0                                                                                                                                                     
        broadcast 141.30.156.255                                                                                                                                                 
        gateway 141.30.156.1
        dns-nameservers 127.0.0.1                                                                                                                                                
        dns-search ilr.mw.tu-dresden.de



-- 
Viele Grüße
Andreas Hauffe

More information about the samba mailing list