Web lists-archives.com

Re: [Samba] error witch rsat




On Sun, 27 Jan 2019 13:07:06 +0100
marco pirola <mapirola81@xxxxxxxxx> wrote:

> Does'nt work if i used Administration and another user. Can i
> resolved this problem? I used the acl?
> 

I think I understand what is going on and it clearly shows why giving
'Administrator' a Unix ID is a bad idea ;-)

If you run:

getent passwd administrator

You will get something like this:

administrator:*:10500:10513::/home/administrator:/bin/bash

This clearly shows that 'Administrator' has the ID '10500', which means
it is a normal Unix user and can only do what a Normal Unix user can,
which isn't much ;-)

NOTE: this will only happen on a Samba AD DC or a Samba Unix domain
member using the winbind 'rid' backend.

You need to make 'Administrator' (from Samba's perspective) be able to
do things on Unix without asking for a password. There is only one user
that can do that: 'root'

To do this, you need to add something to the 'global' section of your
Unix domain members smb.conf file:

username map = /etc/samba/user.map

Create /etc/samba/user.map with this content:

!root = ROBINOOD\Administrator

Restart Samba and try again from Windows 10

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba