[Samba] 3.6.23-25.el6_7 and 4.2.10 and "Domain Admins" are/not Admins?
Gavrilov Aleksey
gavrilov at info74.ru
Thu Oct 20 07:23:31 UTC 2016
hi
It can be so help
[global]
>---admin users = @nt_admins
if not then I need
1. root at pdc:~# testparm
2. root at pdc:~# ldapsearch -xLLL -H ldapi:/// -b
ou=groups,ou=arkhangelsk,dc=rugion,dc=ru
ldap suffix = ou=arkhangelsk,dc=rugion,dc=ru
ldap group suffix = ou=groups
3. try
log level = 10
max log size = 1000
and go through the authorization in windows pc
see the log of communication with the server PC.
usually here /var/log/samba/log.ip or /var/log/samba/log.name-pc
4. no harm will see errors in these files too
/var/log/samba/log.nmbd
/var/log/samba/log.smbd
On 20.10.2016 02:28, lejeczek via samba wrote:
> hi all
>
> I have two different Samba versions as PDC and BDC and depending on
> which one is "domain master" users which are domain admins are not
> recognized as such.
>
> Everything seems normal with 3.6.23-25.el6_7 as "domain master" but
> when I configure them so 4.2.10 is the master then I login to Win7
> fine but Windows tells me that the user is not an Admin and I need to
> supply credential (wherever it's necessary of course).
>
> Both Sambas are config-wise virtually identical, I only swap "domain
> master = yes" around.
>
> User backends are for both Sambas multi-master LDAP so these too
> should (I believe are) are identical for both servers.
>
> What could it be? Gee, some good hint could be a master-headache savior.
>
> many! thanks.
>
> L.
>
>
--
Sincerely, Gavrilov Aleksey
System Administrator
Ltd. "Hearst Shkulev Digital Rugion"
tel .: 8 (351) 729-94-90, ext. 345
mob. +7 999 581 7934
gavrilov at info74.ru
Chelyabinsk, st. Lesoparkovaya , 6, office 308
More information about the samba
mailing list