[Samba] workaround needed for Security Principals, and SID's mapping bug.
L.P.H. van Belle
belle at bazuin.nl
Fri Dec 2 10:00:53 UTC 2016
> Have you tried editing the runAs tag in the corresponding xml file
> SchedTask.xml or similar in the sysvol policy folder?
Hmm, no, not yet, i'll go test now.
I'll report later the result.
And yes, i can create a local also, that how i detected the sid/rid/id mapping problems.
But i cant go create 100 task localy, thats why i have GPO.
Greet,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Achim Gottinger
> via samba
> Verzonden: vrijdag 2 december 2016 10:54
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] workaround needed for Security Principals, and
> SID's mapping bug.
>
>
>
> Am 02.12.2016 um 09:34 schrieb L.P.H. van Belle via samba:
> > Exact, and at this point, im at also.
> >
> > Here, typing the username results in the windows event and errors out.
> > Did a lot of research and im 100% this is and missing mapping.
> > Typing does not works, i dont know if this is a windows thing or a samba
> thing. But i found several reports where in a windows 7+ with Server 2008
> also errors if you type the username.
> >
> > And thanks you for having a look..
> > you too Rowland.
> >
> > Which version samba are you gues running atm?
> >
> >
> >
> >
> >
> >> -----Oorspronkelijk bericht-----
> >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Achim
> Gottinger
> >> via samba
> >> Verzonden: vrijdag 2 december 2016 3:05
> >> Aan: samba at lists.samba.org
> >> Onderwerp: Re: [Samba] workaround needed for Security Principals, and
> >> SID's mapping bug.
> >>
> >>
> >>
> >> Am 02.12.2016 um 02:08 schrieb Achim Gottinger via samba:
> >>>
> >>> Am 02.12.2016 um 01:47 schrieb Achim Gottinger via samba:
> >>>>
> >>>> Am 01.12.2016 um 13:35 schrieb L.P.H. van Belle via samba:
> >>>>> Hai Rowland,
> >>>>>
> >>>>> This happens when im creating a "Scheduled task" ,
> >>>>> this task needs NT AUTHORITY\System but you need to select the
> >> account,
> >>>>> when you select the account a sid/rid mapping is done and this
> fails.
> >>>>> Resulting in the windows event id and error code.
> >>>>> While searching for that i found that i cant type the username.
> >>>>> You must select it.
> >>>>>
> >>>>> To
> >>> Tried this and it behaves the same way here. The builtin\SYSTEM
> >>> account shows up as DOMAINNAME\SYSTEM.
> >>>
> >>> But to run as the lokal SYSTEM account I think you must pick the
> >>> Server as search base and then choose the system account. Here this
> >>> leads to an fault and exit of the gpo manangement editor.
> >>>
> >> Here i can typ in the username. If that does not work for you you can
> >> edit the SchedTask.xml (or similar) file in the gpo folder direct.
> >>
> >> --
> >> To unsubscribe from this list go to the following URL and read the
> >> instructions: https://lists.samba.org/mailman/options/samba
> >
> I tested against a server running debian wheezy with sernet's samba
> package version 4.2.
> Using Windows 7 as an client I can edit the username field.
> Have you tried editing the runAs tag in the corresponding xml file
> SchedTask.xml or similar in the sysvol policy folder?
> On a sidenote if i create an task direct (not via gpo) i can select
> local system account and the builtin\system account. Both show up as
> nt-authority\system (localized).
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list