[Samba] Delegation of control failure for any built-in Security Principals
Sorin P.
psleo2003 at yahoo.com
Sun Jan 22 13:31:12 UTC 2023
Hi team.
I am trying to allocate some rights to users in Active Directory, by using the "Delegation of Control Wizard" from ADUC.
The steps I'm following were executed under the domain administrator user and are the following:
1. open ADUC and right click the top level OU (Ex. domain.org)
2. from the pop-up menu, select “Delegate Control…”
3. click next in the first page of the wizard (which is the "Welcome" page)
4. on the next page "Users or Groups", select the “Add” button, and type ‘SELF’ then ‘Check Names’.
5. I'm getting an error window with the following message:
"Windows cannot process the object with the name "SELF" because of the following error:
Name translation: Input name found, but not the associated output format.
After the error, I am unable to continue with the wizard to delegate tasks.The same error appears if I try to select any other built in security principals like: Everyone or SYSTEM, etc
The logs show nothing suspicious (with log level 10).
The only log entry which I've found and looked strange to me was this one:
gendb_search_v: CN=Self,CN=WellKnown Security Principals,CN=Configuration,DC=domain,DC=org NULL -> 1
Any ideas on what might be wrong?
The platform I'm using:
Software: Samba Version 4.17.4 (built from source)
OS: Debian GNU/Linux 11 (bullseye)
Architecture: aarch64
Kernel: 5.15.84-v8+
Thanks a lot.Sorin
More information about the samba
mailing list