2011/1/28 Juan Asensio Sánchez <[email protected]>: > We have configured 2 PDC Samba (v3.0.33, sambapdc1 and sambapdc2) > servers using LDAP (389 DS v1.2.5) as its database backend. If I run > "net rpc user -UXXXX" from theses servers I get all groups in LDAP. > These servers are working fine for a long time. > > Now I have configured a file server (not logon server, sambafs1), as a > member of the domain served by those servers (this with v3.3.8). I > have configured the LDAP client, so I can do "getent passwd" and > "getent group" and I see all objects from LDAP. Next, I have > configured Samba with this conf: (snip) > Next, I have joined the Samba FS in the domain, using the command "net > rpc join -UXXXXXX", without any errors. Now, If I run "net rpc group > -S sambafs1 -UXXXXX", I get no groups. Is this normal? As Samba can't > see any groups, I cannot assign privileges using "net rpc rights > grant", so users can manage shares from Windows using the add, change > and delete share commands.
This is an expected behavior. "net rpc group -S sambafs1 -UXXXXX" returns local groups defined on sambafs1, not domain groups. Recently (3.0.24 and after) no groups are defined by default. so you should get no (local) groups. > I cannot assign privileges using "net rpc rights grant" Do you use winbind? If not, you should create a local admin user: sambafs1# pdbedit -a root And try like: sambafs1# net rpc rights grant DOMAINNAME\\USERNAME SeAddUsersPrivilege -U sambafs1\\root --- TAKAHASHI Motonobu <[email protected]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
