Web lists-archives.com

Re: [Samba] MMC issue




On Tue, 5 Dec 2017 11:11:33 -0700 (MST)
Mariusz80 via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Samba - General mailing list wrote
> > On Tue, 5 Dec 2017 10:37:02 -0700 (MST)
> > Mariusz80 via samba &lt;
> 
> > samba@.samba
> 
> > &gt; wrote:
> > 
> >> Hi
> >> I have a strange problem with Shared folders in MMC. While I try to
> >> connect to linux machine and list Open files or Sessions I got a
> >> message "You do not have permission to view the list of sessions
> >> from Windows clients". The problem exists only if I try to connect
> >> to linux machines (Windows Server is ok),
> >> and only for Administrator account. From other accounts with
> >> Administrator priviliges there is no problem at all.
> >> 
> >> In the logs there is:
> >> ../source3/rpc_server/srvsvc/srv_srvsvc_nt.c:1274(_srvsvc_NetFileEnum)
> >>   Enumerating files only allowed for administrators
> >> 
> >> Any advice?
> >> 
> >> Thanks
> >> Mariusz
> >> 
> >> 
> >> 
> >> --
> >> Sent from:
> >> http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html
> >> 
> > 
> > How is Samba set up on the Linux machine ?
> > 
> > Rowland
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> 
> I did it according to:
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
> My smb.conf:
> [global]
>        security = ADS
>        workgroup = some
>        realm = some.domain.pl
> 	   
> 		allow trusted domains = Yes
> 		winbind use default domain = Yes
>         winbind nss info = rfc2307
>         winbind refresh tickets = Yes
> 
>        log file = /var/log/samba/%m.log
>        log level = 1
> 	
>        idmap config * : backend = tdb
>        idmap config * : range = 3000-7999
> 	
> 	idmap config some : backend = rid
> 	idmap config some: range = 10000-999999
> 
> 	winbind nss info = template
> 	template shell = /bin/bash
> 	template homedir = /home/%U
> 	username map = /etc/samba/user.map
> 	
> 	winbind enum users = yes
> 	winbind enum groups = yes
> 
> 	vfs objects = acl_xattr
>        map acl inherit = yes
>        store dos attributes = yes
> 

Does 'getent passwd Administrator' give any output ?

If it does, try adding this line to smb.conf:

username map = /etc/samba/user.map

Create the user.map:

nano /etc/samba/user.map

it should contain only:

!root = SAMDOM\Administrator SAMDOM\administrator Administrator
administrator

That is all on one line, replace 'SAMDOM' with your workgroup name and,
if required, change the '/etc/samba' path to the path to your smb.conf.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba