Douglas G. Oechsler
2020-Jul-13 17:18 UTC
[Samba] net rpc rights grant fail to connect 127.0.0.1
Hello! Ok! I switch the IP inside Member AD> 127.0.0.1 localhost*> 10.1.1.16 * E-PLANO.ad.mydomain.br e-plano Only to clarify 10.1.1.16 - AD Member - File server 10.1.1.21 - Only AD-DC But, sorry! Follow the wiki https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs The command: # net rpc rights grant "SAMDOM\Unix Admins" SeDiskOperatorPrivilege -U "SAMDOM\administrator" Enter SAMDOM\administrator's password: To grant rights, need to do it on the ad-dc side directly? Thank you Em seg., 13 de jul. de 2020 ?s 12:17, Rowland penny via samba < samba at lists.samba.org> escreveu:> > > Now, if this is the member i would have expected something like this. > > > > /etc/hosts > > > > 127.0.0.1 localhost > > 10.1.1.16 E-PLANO.ad.mydomain.br e-plano > Yep, that is where the IP error is coming from. > > Rowland > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- *Douglas Giovani Oechsler* e-mail: doguibnu at gmail.com <douglasgiovani at oechsler.com.br> *Prudent?polis - PR*
Rowland penny
2020-Jul-13 17:26 UTC
[Samba] net rpc rights grant fail to connect 127.0.0.1
On 13/07/2020 18:18, Douglas G. Oechsler wrote:> > Hello! > > Ok! I switch the IP inside Member AD > > 127.0.0.1 localhost > *> 10.1.1.16 * E-PLANO.ad.mydomain.br <http://E-PLANO.ad.mydomain.br> > e-plano > > Only to clarify > 10.1.1.16 - AD Member - File server > 10.1.1.21 - Only AD-DC > > But, sorry! > Follow the wiki > https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs > > The command: > # net rpc rights grant "SAMDOM\Unix Admins" SeDiskOperatorPrivilege -U "SAMDOM\administrator" > Enter SAMDOM\administrator's password: > > To grant rights, need to do it on the ad-dc side directly? >Did you miss the orange box containing: You need to grant the |SeDiskOperatorPrivilege| privilege on the Samba server that holds the share. Rowland
Andrew Walker
2020-Jul-13 17:50 UTC
[Samba] net rpc rights grant fail to connect 127.0.0.1
On Mon, Jul 13, 2020 at 1:26 PM Rowland penny via samba < samba at lists.samba.org> wrote:> On 13/07/2020 18:18, Douglas G. Oechsler wrote: > > > > Hello! > > > > Ok! I switch the IP inside Member AD > > > 127.0.0.1 localhost > > *> 10.1.1.16 * E-PLANO.ad.mydomain.br <http://E-PLANO.ad.mydomain.br> > > e-plano > > > > Only to clarify > > 10.1.1.16 - AD Member - File server > > 10.1.1.21 - Only AD-DC > > > > But, sorry! > > Follow the wiki > > https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs > > > > The command: > > # net rpc rights grant "SAMDOM\Unix Admins" SeDiskOperatorPrivilege -U > "SAMDOM\administrator" > > Enter SAMDOM\administrator's password: > > > > To grant rights, need to do it on the ad-dc side directly? > > > Did you miss the orange box containing: > > You need to grant the |SeDiskOperatorPrivilege| privilege on the Samba > server that holds the share. > > Rowland >For cases where I want to allow an AD group other than Domain Admins to do this stuff (and not bother with "net rpc" commands), I find it somewhat easier to find the SID of the group and then add it as a foreign group of BUILTIN\Administrators on the samba server with the shares a-la "net groupmap addmem S-1-5-32-544 <sid of group>". This will make members of the group local admins with all the benefits and dangers associated with it.