[Samba] error witch rsat

Rowland Penny rpenny at samba.org
Sun Jan 27 13:42:20 UTC 2019


On Sun, 27 Jan 2019 13:07:06 +0100
marco pirola <mapirola81 at gmail.com> wrote:

> Does'nt work if i used Administration and another user. Can i
> resolved this problem? I used the acl?
> 

I think I understand what is going on and it clearly shows why giving
'Administrator' a Unix ID is a bad idea ;-)

If you run:

getent passwd administrator

You will get something like this:

administrator:*:10500:10513::/home/administrator:/bin/bash

This clearly shows that 'Administrator' has the ID '10500', which means
it is a normal Unix user and can only do what a Normal Unix user can,
which isn't much ;-)

NOTE: this will only happen on a Samba AD DC or a Samba Unix domain
member using the winbind 'rid' backend.

You need to make 'Administrator' (from Samba's perspective) be able to
do things on Unix without asking for a password. There is only one user
that can do that: 'root'

To do this, you need to add something to the 'global' section of your
Unix domain members smb.conf file:

username map = /etc/samba/user.map

Create /etc/samba/user.map with this content:

!root = ROBINOOD\Administrator

Restart Samba and try again from Windows 10

Rowland




More information about the samba mailing list