thr3ads.net - samba - [Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server). [Nov 2022]

If this information is useful, please help other people find it:
Share via:

Rowland Penny

2022-Nov-28 15:25 UTC

[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).

On 28/11/2022 15:18, Juan Ignacio wrote:> I am having some problems accessing the shares of the new member server.
> I can access the shares with my domain account but cannot access them 
> with the administrator account.

How are you trying to connect as Administrator ?

What is in your username map ?

You should have:

!root = OURDOMAIN\Administrator

This should then map Administrator to root when you connect from Windows.

Never use Administrator on a Linux machine, use root or sudo.

Rowland

Juan Ignacio

2022-Nov-28 15:39 UTC

head link

[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).

I'm on a windows client, logged in with the OURDOMAIN\administrator account.

The content of /etc/samba/user.map

!root = OURDOMAIN\Administrator

The smb.conf.

[global]
        log file = /var/log/samba/%m.log
        log level = 1
        realm = OURDOMAIN.ORG
        security = ADS
        server role = member server
        username map = /etc/samba/user.map
        workgroup = OURDOMAIN
        idmap config * : backend = tdb
        idmap config * : range = 3000-7999
        idmap config kennedy : backend = rid
        idmap config kennedy : range = 10000-9999999


On unix.

I checked the shares with smbclient and i got Invalid Token

root at memberdc:/etc/samba# smbclient -L \\\\10.20.1.55 -U administrator
Password for [KENNEDY\administrator]:
session setup failed: NT_STATUS_INVALID_TOKEN

if i do the same with other domain user i got the shares correctly.

 smbclient -L \\\\10.20.1.55 -U pepito
Password for [OURDOMAIN\pepito]:

        Sharename       Type      Comment
        ---------       ----      -------
        sharetest       Disk
        test            Disk
        IPC$            IPC       IPC Service (Samba 4.17.3-Debian)
SMB1 disabled -- no workgroup available


El lun, 28 nov 2022 a las 12:26, Rowland Penny via samba (<
samba at lists.samba.org>) escribi?:
>
>
> On 28/11/2022 15:18, Juan Ignacio wrote:
> > I am having some problems accessing the shares of the new member
server.
> > I can access the shares with my domain account but cannot access them
> > with the administrator account.
>
>
> How are you trying to connect as Administrator ?
>
> What is in your username map ?
>
> You should have:
>
> !root = OURDOMAIN\Administrator
>
> This should then map Administrator to root when you connect from Windows.
>
> Never use Administrator on a Linux machine, use root or sudo.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

samba - Nov 2022 - Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).

[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).

[Samba] Migrate and Update (Samba 4.1 ADDC to Samba Latest Version on different Server).