Hi, On 18-6-2019 12:57, Rowland penny via samba wrote:> I have just tried this as root and it worked for me: > > samba-tool domain backup online --server=dc4 --targetdir=/backup > -Urowland at samdom.example.com > > When I tried to run it as normal user, it threw an error because the > user wasn't allowed access to the backup dir, allowing the user access > cured this and it then worked: > > SAMDOM\rowland at dc4:/root$ samba-tool domain backup online --server=dc4 > --targetdir=/backup -Urowland at samdom.example.com > > I get asked for the users password before anything happens, I don't get > asked again.I can confirm that here. My question was really why it works for one user, and not for another. Both are Domain Admins, and it makes no difference if I use kerberos or NTLM. After upgrading next week, I'll try latest 4.10 and also the offline backup. MJ
On 18/06/2019 13:02, lists via samba wrote:> Hi, > > On 18-6-2019 12:57, Rowland penny via samba wrote: >> I have just tried this as root and it worked for me: >> >> samba-tool domain backup online --server=dc4 --targetdir=/backup >> -Urowland at samdom.example.com >> >> When I tried to run it as normal user, it threw an error because the >> user wasn't allowed access to the backup dir, allowing the user >> access cured this and it then worked: >> >> SAMDOM\rowland at dc4:/root$ samba-tool domain backup online >> --server=dc4 --targetdir=/backup -Urowland at samdom.example.com >> >> I get asked for the users password before anything happens, I don't >> get asked again. > > I can confirm that here. > > My question was really why it works for one user, and not for another. > Both are Domain Admins, and it makes no difference if I use kerberos > or NTLM. >My only thought is, are they both Unix domain users ? Rowland
Hi, On 18-6-2019 14:07, Rowland penny via samba wrote:> My only thought is, are they both Unix domain users ?This is on the DC, and no: This one works:> root at dc3:~# id myusername > id: ?myusername?: no such userand this one not:> root at dc3:~# id samba.backup > id: ?samba.backup?: no such userMJ
He MJ, Ah, my user does have an UID/GID assigned. Did you "copy" the administrator user or did you create a new user and gave him administrator rights. On my DC's. id username uid=10002(ADDOM\usernam) gid=10000(ADDOM\domain users) groups=10000(ADDOM\domain users),3000275(ADDOM\internet-proxy-manual).. And more. Where my Administratos reflex to: id administrator uid=0(root) gid=0(root) groups=0(root) Note the 10000 and 3000275 100xx are assigned GID's with RSAT while 3000275 (RID) does not have any GID assigned. On my domain members the RID number 3000275 is not shown or not used or im using pure windows ACL's These 3000xxx numbers are not used on linux filesystems, only in authentication/security against windows and/or the samba AD's> On 18-6-2019 MJ via samba wrote: > This is on the DC, and no: > > This one works: > > root at dc3:~# id myusername > > id: ?myusername?: no such userSeems that its not working ;-)> > and this one not: > > root at dc3:~# id samba.backup > > id: ?samba.backup?: no such user > > MJ > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >Greetz, Louis