On Wed, 2005-10-19 at 00:05 -0400, Eric A. Hall wrote: > On 10/18/2005 9:26 AM, Gerald (Jerry) Carter wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Günter Gersdorf wrote: > > > > | Domain Admins are not allowed to modify the ldapsam > > | database via usrmgr. > > | lib/smbldap.c: smbldap_open: cannot access LDAP when not root.. > > | > > | Is this by design? > > > > Yes. It is by design. You have to assign the > > SeAddUsersPrivilege to the Domain Admins group. > > Where are the privs stored nowadays? I found lots of references to > privilege[s].tdb but nothing like that seems to exist anywhere. ---- on my systems, tdb's are stored in /var/cache/samba (RHEL)
if slocate is current, you should be able to find it easily enough... locate account_policy.tdb if slocate is not current, execute 'updatedb' first The SeAddUsersPrivilege was added somewhere around 3.0.14 - depends upon which version of samba you are using as to whether command is available. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
