[Samba] Joining Domain: ACCESS DENIED (granted: 0x00000201; required: 0x00000010)
Martin Juhl
mj at casalogic.dk
Sat Feb 27 21:28:26 UTC 2016
Hi guys
When trying to join a Samba NT4 domain (running on Samba v4), using a FreeIPA server as a backend, I get an Access is Denied on my Windows 7 machine...
Log files shows:
ACCESS DENIED (granted: 0x00000201; required: 0x00000010)
i'm trying to use the user "mj" to do the join:
[root at bart ~]# id mj
uid=1935800001(mj) gid=1935800001(mj) grupper=1935800001(mj),1935800004(vpn),1935800000(admins),1935800008(ntadmins)
[root at bart ~]# net groupmap list
Domain Users (S-1-5-21-3189138339-1730592290-4215248117-513) -> ntusers
Domain Admins (S-1-5-21-3189138339-1730592290-4215248117-512) -> ntadmins
Domain Guests (S-1-5-21-3189138339-1730592290-4215248117-514) -> nobody
Config:
[global]
workgroup = BOLLS
netbios name = BART
realm = BOLLS.LAN
kerberos method = dedicated keytab
dedicated keytab file = FILE:/etc/samba/samba.keytab
create krb5 conf = no
security = user
domain master = yes
domain logons = yes
log level = 3
max log size = 100000
log file = /var/log/samba/log.%m
passdb backend = ipasam:ldaps://lisa.bolls.lan
disable spoolss = yes
ldapsam:trusted = yes
ldap ssl = off
ldap suffix = dc=bolls,dc=lan
ldap user suffix = cn=users,cn=accounts
ldap group suffix = cn=groups,cn=accounts
ldap machine suffix = cn=computers,cn=accounts
rpc_server:epmapper = external
rpc_server:lsarpc = external
rpc_server:lsass = external
rpc_server:lsasd = external
rpc_server:samr = external
rpc_server:netlogon = external
rpc_server:tcpip = yes
rpc_daemon:epmd = fork
rpc_daemon:lsasd = fork
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
What am I missing????
Regards
Martin
More information about the samba
mailing list