[Samba] administrator's unix attributes is missing
adam_xu at adagene.com.cn
adam_xu at adagene.com.cn
Fri Apr 20 12:34:43 UTC 2018
Hi,Rowland. I have do the testing again in another test env. this time I got the "administrator" in the linux domain member using “getent passwd". maybe I made some mistake in previous test. And after that I excute the command:
net rpc rights grant "NTBAOBEI\Domain Admins" SeDiskOperatorPrivilege -U "NTBAOBEI\administrator"
it showed:
Enter NTBAOBEI\administrator's password:
Successfully granted rights.
I didn't set the unix primary group in smb.conf, so whatever I set the primary group in RSAT doesn't affect anything, right?
I can manage the shares using administrator account in my windows client. everything works OK. I think when we meet "SeDiskOperatorPrivilege can't be set", maybe no need to create a user map like the wiki below?
https://wiki.samba.org/index.php/Samba_Member_Server_Troubleshooting
This is only my personal opinion.
yours Adam
From: Rowland Penny via samba
Date: 2018-04-20 17:48
To: samba at lists.samba.org
Subject: Re: [Samba] administrator's unix attributes is missing
On Fri, 20 Apr 2018 17:18:52 +0800
"adam_xu at adagene.com.cn" <adam_xu at adagene.com.cn> wrote:
> Hello, Rowland. what I set in RSAT is:
> nis domain "ntbaobei"
> uid "10000"
> login shell "/sbin/nologin"
> home dir "/home/Administrator"
> primary group "domain admins"
>
Congratulations, you just turned 'Administrator' into a normal user as
far as Unix is concerned. Also you have changed Administrators
primary group from Domain Users
> I never used user map beacuse everything worked ok before. I knew the
> "root" user can granting the SeDiskOperatorPrivilege Privilege. Is
> there any changelog in samba 4.7.7 that disallow setting the
> administrator's unix attributes ?
There are no changes that I know of
>
> just curious, everything works ok in my production env.
If it works for, it is just that I wouldn't do it. ;-)
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list