Re: [Samba] net ads join requires full domain admin account?
* [EMAIL PROTECTED] schrieb am 10.02.05 um 21:35 Uhr: Problem: I have an account that allows me to join an AD domain, this works fine from any win box. However it fails with ads_add_machine_acct (client_name): Insufficient access when I do a net ads join from a linux box. To get samba to join the domain, I have to use an account with full domain admin privs. (ie net ads join -Ufull_domain_admin) Is this expected behavior? I just wanted to confirm that. I saw the same while I was trying to add my Samba machine to an AD. -Marc -- °M3rlin- what is the legal age to buy alcoholic in england ? ° ° p5Ds13a06 you cant buy alcoholics ° ° p5Ds13a06 but if you wink the right way, ° ° some of them will follow you home for free ° -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net ads join requires full domain admin account?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marc Schiffbauer wrote: | Problem: I have an account that allows me to join | an AD domain, this works fine from any win box. However | it fails with ads_add_machine_acct (client_name): | Insufficient access when I do a net ads join from a linux | box. To get samba to join the domain, I have to use | an account with full domain admin privs. (ie net | ads join -Ufull_domain_admin) | | Is this expected behavior? | | I just wanted to confirm that. I saw the same while | I was trying to add my Samba machine to an AD. The acls on you machine object or parent OU in AD are wrong then. I can successfully join Samba boxes to an AD domain without being a domain admin. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCDNnSIR7qMdg1EfYRAm+NAJ4tTHU1ULsnf6VCIBUlUBRFNRFaNACfWDlj IXmrB82nkQ6LYqFxAW9w0IA= =oT/C -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net ads join requires full domain admin account?
Problem: I have an account that allows me to join an AD domain, this works fine from any win box. However it fails with ads_add_machine_acct (client_name): Insufficient access when I do a net ads join from a linux box. To get samba to join the domain, I have to use an account with full domain admin privs. (ie net ads join -Ufull_domain_admin) Is this expected behavior? The linux box is running Fedora Core 3, samba 3.0.10-1, krb 1.3.6-2 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
