[Samba] access "claim types"
Andrew Bartlett
abartlet at samba.org
Wed Feb 15 07:56:01 UTC 2023
On Fri, 2023-02-10 at 07:50 +0100, Stefan G. Weichinger via samba
wrote:
> Their external windows admin tries to edit ACLs etc by accessing
> them
>
> from their DC, a Windows 2016 server.
>
>
>
> And in editing Security Settings he gets something like
>
>
>
> no connection to AD to access or check claim types
>
>
>
> (I translated this from the german error text ... not the exact
> english
>
> text)
>
>
>
> Any hints for me?
Claims are a Windows 2012R2 feature (currently being added to Samba's
AD DC, but that isn't important for this) that are a new type of ACL
element.
Unlike translating user SIDs to names, which is done via the file
server, I'm assuming from this message that the client is directly
connecting to the AD DC over LDAP to get the list of claim types, for
the GUI.
Perhaps there is a simple connection failure direct to the DC?
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst.Net Limited
Catalyst.Net Ltd - a Catalyst IT group company - Expert Open Source
Solutions
More information about the samba
mailing list