[Samba] SePrintOperatorPrivilege NT_STATUS_LOGON_FAILURE
calm.job89448 at fastmail.com
calm.job89448 at fastmail.com
Wed Jun 5 10:46:11 UTC 2024
Hi everyone,
I seem to have come to a dead end, so here I am, turning to you, asking for your expertise. :)
Whenever I try
net rpc rights grant 'MYDOMAIN\grp_it_members' SePrintOperatorPrivilege -U'MYDOMAIN\admin'
I get this error:
Password for [MYDOMAIN\admin]:
Could not connect to server 127.0.0.1
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
Password is correct, I tried other users as well, with the same result.
Here's the relevant part of the smb.conf:
[global]
security = ADS
workgroup = MYDOMAIN
realm = MYDOMAIN.WORK
server role = member server
log file = /var/log/samba/%m.log
bind interfaces only = yes
# Please substitute your own physical cards here:
interfaces = lo ens18
# Enable Group Policy application in winbind,
apply group policies = yes
# winbind config:
winbind use default domain = yes
# The following options are only useful for testing. Comment out in production.
# winbind enum users = yes
# winbind enum groups = yes
# Map Administrator to root
username map = /etc/samba/user.map
min domain uid = 0
# Kerberos
winbind refresh tickets = Yes
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
I found this in the Samba-Wiki:
https://wiki.samba.org/index.php/Samba_Member_Server_Troubleshooting
and made sure user.map and smb.conf are correct.
Joining worked fine, I can ping the DC browse users and groups ... only this doesn't work.
Any ideas?!
Thanks so much in advance,
khalid
More information about the samba
mailing list