[Samba] Unable to set SeDiskOperatorPrivilege
Rowland penny
rpenny at samba.org
Fri Jan 15 10:32:39 UTC 2016
On 15/01/16 09:07, Henry McLaughlin wrote:
> root at aphrodite:/# net rpc rights list accounts -U'DOMAIN\administrator'
> Enter DOMAIN\administrator's password:
> BUILTIN\Print Operators
> No privileges assigned
>
> BUILTIN\Account Operators
> No privileges assigned
>
> BUILTIN\Backup Operators
> No privileges assigned
>
> BUILTIN\Server Operators
> No privileges assigned
>
> BUILTIN\Administrators
> SeMachineAccountPrivilege
> SeTakeOwnershipPrivilege
> SeBackupPrivilege
> SeRestorePrivilege
> SeRemoteShutdownPrivilege
> SePrintOperatorPrivilege
> SeAddUsersPrivilege
> SeDiskOperatorPrivilege
> SeSecurityPrivilege
> SeSystemtimePrivilege
> SeShutdownPrivilege
> SeDebugPrivilege
> SeSystemEnvironmentPrivilege
> SeSystemProfilePrivilege
> SeProfileSingleProcessPrivilege
> SeIncreaseBasePriorityPrivilege
> SeLoadDriverPrivilege
> SeCreatePagefilePrivilege
> SeIncreaseQuotaPrivilege
> SeChangeNotifyPrivilege
> SeUndockPrivilege
> SeManageVolumePrivilege
> SeImpersonatePrivilege
> SeCreateGlobalPrivilege
> SeEnableDelegationPrivilege
>
> Everyone
> No privileges assigned
>
> root at aphrodite:/# getent passwd administrator
> administrator:*:1904600500:1904600513:Administrator:/home/
> AD.DOMAIN.COM.AU/administrator:
>
> root at aphrodite:/# getent group "Domain Admins"
> domain admins:*:1904600512:administrator
>
> root at aphrodite:/# net rpc rights grant 'DOMAIN\Domain Admins'
> SeDiskOperatorPrivilege -U'DOMAIN\administrator'
> Enter DOMAIN\administrator's password:
> Failed to grant privileges for DOMAIN\Domain Admins
> (NT_STATUS_ACCESS_DENIED)
> root at aphrodite:/#
Have you by any chance given Administrator a uidNumber ?
Rowland
More information about the samba
mailing list