Samba - General mailing list wrote> On Tue, 5 Dec 2017 10:37:02 -0700 (MST) > Mariusz80 via samba <> samba at .samba> > wrote: > >> Hi >> I have a strange problem with Shared folders in MMC. While I try to >> connect to linux machine and list Open files or Sessions I got a >> message "You do not have permission to view the list of sessions from >> Windows clients". The problem exists only if I try to connect to >> linux machines (Windows Server is ok), >> and only for Administrator account. From other accounts with >> Administrator priviliges there is no problem at all. >> >> In the logs there is: >> ../source3/rpc_server/srvsvc/srv_srvsvc_nt.c:1274(_srvsvc_NetFileEnum) >> Enumerating files only allowed for administrators >> >> Any advice? >> >> Thanks >> Mariusz >> >> >> >> -- >> Sent from: >> http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html >> > > How is Samba set up on the Linux machine ? > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambaI did it according to: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member My smb.conf: [global] security = ADS workgroup = some realm = some.domain.pl allow trusted domains = Yes winbind use default domain = Yes winbind nss info = rfc2307 winbind refresh tickets = Yes log file = /var/log/samba/%m.log log level = 1 idmap config * : backend = tdb idmap config * : range = 3000-7999 idmap config some : backend = rid idmap config some: range = 10000-999999 winbind nss info = template template shell = /bin/bash template homedir = /home/%U username map = /etc/samba/user.map winbind enum users = yes winbind enum groups = yes vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes Mariusz -- Sent from: http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html
On Tue, 5 Dec 2017 11:11:33 -0700 (MST) Mariusz80 via samba <samba at lists.samba.org> wrote:> Samba - General mailing list wrote > > On Tue, 5 Dec 2017 10:37:02 -0700 (MST) > > Mariusz80 via samba < > > > samba at .samba > > > > wrote: > > > >> Hi > >> I have a strange problem with Shared folders in MMC. While I try to > >> connect to linux machine and list Open files or Sessions I got a > >> message "You do not have permission to view the list of sessions > >> from Windows clients". The problem exists only if I try to connect > >> to linux machines (Windows Server is ok), > >> and only for Administrator account. From other accounts with > >> Administrator priviliges there is no problem at all. > >> > >> In the logs there is: > >> ../source3/rpc_server/srvsvc/srv_srvsvc_nt.c:1274(_srvsvc_NetFileEnum) > >> Enumerating files only allowed for administrators > >> > >> Any advice? > >> > >> Thanks > >> Mariusz > >> > >> > >> > >> -- > >> Sent from: > >> http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html > >> > > > > How is Samba set up on the Linux machine ? > > > > Rowland > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > I did it according to: > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > My smb.conf: > [global] > security = ADS > workgroup = some > realm = some.domain.pl > > allow trusted domains = Yes > winbind use default domain = Yes > winbind nss info = rfc2307 > winbind refresh tickets = Yes > > log file = /var/log/samba/%m.log > log level = 1 > > idmap config * : backend = tdb > idmap config * : range = 3000-7999 > > idmap config some : backend = rid > idmap config some: range = 10000-999999 > > winbind nss info = template > template shell = /bin/bash > template homedir = /home/%U > username map = /etc/samba/user.map > > winbind enum users = yes > winbind enum groups = yes > > vfs objects = acl_xattr > map acl inherit = yes > store dos attributes = yes >Does 'getent passwd Administrator' give any output ? If it does, try adding this line to smb.conf: username map = /etc/samba/user.map Create the user.map: nano /etc/samba/user.map it should contain only: !root = SAMDOM\Administrator SAMDOM\administrator Administrator administrator That is all on one line, replace 'SAMDOM' with your workgroup name and, if required, change the '/etc/samba' path to the path to your smb.conf. Rowland
Samba - General mailing list wrote> On Tue, 5 Dec 2017 11:11:33 -0700 (MST) > Mariusz80 via samba <> samba at .samba> > wrote: > >> Samba - General mailing list wrote >> > On Tue, 5 Dec 2017 10:37:02 -0700 (MST) >> > Mariusz80 via samba < >> >> > samba at .samba >> >> > > wrote: >> > >> >> Hi >> >> I have a strange problem with Shared folders in MMC. While I try to >> >> connect to linux machine and list Open files or Sessions I got a >> >> message "You do not have permission to view the list of sessions >> >> from Windows clients". The problem exists only if I try to connect >> >> to linux machines (Windows Server is ok), >> >> and only for Administrator account. From other accounts with >> >> Administrator priviliges there is no problem at all. >> >> >> >> In the logs there is: >> >> ../source3/rpc_server/srvsvc/srv_srvsvc_nt.c:1274(_srvsvc_NetFileEnum) >> >> Enumerating files only allowed for administrators >> >> >> >> Any advice? >> >> >> >> Thanks >> >> Mariusz >> >> >> >> >> >> >> >> -- >> >> Sent from: >> >> http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html >> >> >> > >> > How is Samba set up on the Linux machine ? >> > >> > Rowland >> > >> > -- >> > To unsubscribe from this list go to the following URL and read the >> > instructions: https://lists.samba.org/mailman/options/samba >> >> I did it according to: >> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member >> My smb.conf: >> [global] >> security = ADS >> workgroup = some >> realm = some.domain.pl >> >> allow trusted domains = Yes >> winbind use default domain = Yes >> winbind nss info = rfc2307 >> winbind refresh tickets = Yes >> >> log file = /var/log/samba/%m.log >> log level = 1 >> >> idmap config * : backend = tdb >> idmap config * : range = 3000-7999 >> >> idmap config some : backend = rid >> idmap config some: range = 10000-999999 >> >> winbind nss info = template >> template shell = /bin/bash >> template homedir = /home/%U >> username map = /etc/samba/user.map >> >> winbind enum users = yes >> winbind enum groups = yes >> >> vfs objects = acl_xattr >> map acl inherit = yes >> store dos attributes = yes >> > > Does 'getent passwd Administrator' give any output ? > > If it does, try adding this line to smb.conf: > > username map = /etc/samba/user.map > > Create the user.map: > > nano /etc/samba/user.map > > it should contain only: > > !root = SAMDOM\Administrator SAMDOM\administrator Administrator > administrator > > That is all on one line, replace 'SAMDOM' with your workgroup name and, > if required, change the '/etc/samba' path to the path to your smb.conf. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/sambagetent passwd Administrator administrator:*:10500:10513::/home/administrator:/bin/bash smb.conf already contains user.map Mariusz -- Sent from: http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html