[Samba] SeDiskOperatorPrivilege - NT_STATUS_NO_SUCH_PRIVILEGE
Steffen Weißgerber
steffen at weiszgerber.de
Fri Oct 2 12:36:41 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I got it. Sorry, my fault. When calling 'net rpc ...' I addressed a
Server from the AD with the -I switch. Without this the privileges are
listed correct and die SeDiskOperatorPrivilege can be granted.
Regards
Steffen
Am 01.10.2015 um 15:59 schrieb Rowland Penny:
> On 01/10/15 14:32, Steffen Weißgerber wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hmm why,
>>
>> the guy at
>> https://raymii.org/s/tutorials/SAMBA_Share_with_Active_Directory_Logi
n_o
>> n_Ubuntu_12.04.html
>> does exactly this.
>>
>> Also the manpage e.g. for smb.conf describes the config for a connect
ion
>> to an AD.
>>
>> And after granting file rights to the share via
>>
>> setfacl -m g:domänen-admins:rwx /var/samba/test
>>
>> I can mkdir and granting rights to other users/groups from the securi
ty
>> tab on a windows client.
>>
>> Maybe version 3.6 is not as full featured as the 4.x versions, but AD
>> integration should work.
>>
>> Is there a way to monitor/log the net rpc call to check the availabil
ty
>> of the SeDiskOperatorPrivilege on AD side?
>>
>>
>
> Your best bet would be to install the last freely available Sernet Sam
ba
> packages, this would get you version 4.2.4. Samba 3.6 is EOL (as is
> 4.0), so if you are hitting a bug (note: I am not saying you are) then
> you stand a chance of getting it fixed. If you don't want to do that,
> you could always upgrade to 14.04 and this would get you 4.1.6.
>
> Unless something very strange is going on, the SeDiskOperatorPrivilege
> should be available.
>
> Rowland
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAlYOelkACgkQCrEAdFsLhMfYKQCgrXA9TMRxtg8yHjo2lete9fJg
WxMAnAnwtJNxJejICRmtlkXMXCQ8eedC
=Axu/
-----END PGP SIGNATURE-----
More information about the samba
mailing list