[Samba] SeDiskOperatorPrivilege - NT_STATUS_NO_SUCH_PRIVILEGE
Steffen Weißgerber
steffen at weiszgerber.de
Mon Sep 28 10:30:50 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
after configuring kerberos and winbind for authentication against an AD
(Window 2008 R2) and succesful launching getent passwd I followed the
instructions https://wiki.samba.org/index.php/Shares_with_Windows_ACLs
for granting the SeDiskOperatorPrivilege.
But I get a failure with a NT_STATUS_NO_SUCH_PRIVILEGE error.
net rpc rights list accounts -U'<Domain>\Administrator' -I<AD-host>
does not list the SeDiskOperatorPrivilege.
Why this is missing?
Nevertheless creating directories and granting access to these to
other AD accounts works well.
The global section of my smb.conf is as follows:
[global]
workgroup = DKDB
server string = Samba Test
security = ads
realm = DKDB.KN
winbind use default domain = yes
winbind refresh tickets = yes
max protocol = SMB2
hide unreadable = yes
idmap config * : backend = rid
idmap config * : range = 10000-20000
#syslog only = yes
disable netbios = yes
log file = /var/log/samba/log.%m
log level = 3
max log size = 50
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
Thanks
Steffen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAlYJFtoACgkQCrEAdFsLhMcDpACfUwrOhTV16672SoPvHRhpCSAV
K0QAnjJSD0Oz8bSmvCtw7CReoXNWZOrK
=DhYx
-----END PGP SIGNATURE-----
More information about the samba
mailing list