我刚刚安装了 Ubuntu Server 22.04,并将其作为成员服务器加入到现有 AD。我遵循以下操作方法:https://wiki.samba.org/index.php/Setting_up_a_Share_Using_Windows_ACLs
一切都很好,直到我
net rpc rights grant "SAMDOM\Unix Admins" SeDiskOperatorPrivilege -U "SAMDOM\administrator"
失败如下:
net rpc rights grant "DOMAIN\Unix Admins" SeDiskOperatorPrivilege -U "DOMAIN\administrator"
Password for [DOMAIN\administrator]:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_INVALID_TOKEN我发现这个三年前已经解决的问题似乎是同一个问题,但是那个解决方案并没有什么区别(我已经有了 user.map 文件):Samba net rpc 权限授予 SeDiskOperatorPrivilege 失败
成员服务器smb.conf:
# Global parameters
[global]
log file = /var/log/samba/%m.log
log level = 1
max log size = 1000
realm = DOMAIN.TLD
security = ADS
server role = member server
username map = /etc/samba/user.map
workgroup = DOMAIN
idmap config * : range = 10000-9999999
idmap config * : backend = autorid
map acl inherit = Yes
vfs objects = acl_xattr
krb5.conf:
[libdefaults]
default_realm = DOMAIN.TLD
dns_lookup_realm = false
dns_lookup_kdc = true
用户.map:
!root = DOMAIN\Administrator DOMAIN\administrator
答案1
好的,将“min domain uid = 0”添加到 /etc/samba/smb.conf 并重新加载配置或重新启动 Samba。