[Samba] user to read replication status
Marcos Ariel Negrini
mnegrini at afip.gob.ar
Thu May 6 18:28:31 UTC 2021
Hello:
we are wanting to generate a user that has privileges to be able to
perform the following operation:
samba-tool drs showrepl -UUser
We have been trying different privileges, from full tree reading, to
schema administration, but we always get the following error:
ERROR(runtime): DsReplicaGetInfo of type 0 failed - (8453,
'WERR_DS_DRA_ACCESS_DENIED')
the only permission that obviously works is with domain administrator...
Can you think of any particular permission we should give it? I did not
find any info on this.
Regards
--
Marcos Ariel Negrini
AFIP - División Seguridad de Activos
Dirección de Seguridad de la Información
Paseo Colon 635 PB - CP 1063 - CABA
More information about the samba
mailing list