[Samba] "net rpc" commands don’t work on Samba AD DC

Alnis Morics via samba

Jan 29, 2017, 11:40:04 AM

Hello,

I built Samba 4.5.4 on a FreeBSD 11.0 machine, and I’m trying to set up
an AD DC with a file share.

So I did this:
- enabled ACLs on my UFS2 filesystem (before compilation)
- successfully provisioned (rfc2307, internal DNS)
- tested local shares, DNS, Kerberos
- adjusted NTPd as suggested in Wiki
- added this to the global section of smb.conf:
template shell = /usr/sbin/nologin
template homedir = /home/%U

- changed these lines in /etc/nsswitch.conf:
passwd: files winbind
group: files winbind

- Made a symlink for NSS:
ln -s /usr/local/samba/lib/nss_winbind.so.1 /usr/local/lib/nss/

And winbindd seems to work. I can look up domain users:
# getent passwd Administrator
RW\administrator:*:0:20::/home/administrator:/usr/sbin/nologin

And change file ownerships to the domain users:
# touch testfile
# ll testfile
-rw-r--r-- 1 root wheel 0 Jan 28 19:25 testfile
# chown user1:"domain users" testfile
# ll testfile
-rw-r--r-- 1 RW\user1 staff 0 Jan 28 19:25 testfile

But when I try to grant Domain Admins a SeDiskOperatorPrivilege, I get this:

# net rpc rights grant "RW\Domain Admins" SeDiskOperatorPrivilege -U "RW\administrator"
Enter RW\administrator's password:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_UNSUCCESSFUL

I found out that other net rpc commands don’t work either, e.g.:
# net rpc rights list -U administrator
Enter administrator's password:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_UNSUCCESSFUL

The rpc service seems to be running:
# samba-tool testparm --parameter-name='server services'
s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd,
kcc, dnsupdate, dns

I tried to map the root user to the domain Administrator but nothing
changed.

When I raise the log level to 3, the session looks like this:

net rpc rights grant "RW\Domain Admins" SeDiskOperatorPrivilege -U "RW\administrator" -d 3
lp_load_ex: refreshing parameters
Initialising global parameters
Processing section "[global]"
Registered MSG_REQ_POOL_USAGE
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
lp_load_ex: refreshing parameters
Initialising global parameters
Processing section "[global]"
added interface rl0 ip=192.168.0.192 bcast=192.168.0.255 netmask=255.255.255.0
Enter RW\administrator's password:
Connecting to 127.0.0.1 at port 445
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_UNSUCCESSFUL
failed to make ipc connection: NT_STATUS_UNSUCCESSFUL
return code = -1

Now, “sockstat -4” shows that smbd listens on port 445, all
interfaces/addresses:
...
root smbd 2316 47 tcp4 *:445 *:*
...

“failed to make ipc connection” has to do with the IPC$ share, right?
At least I can’t connect to it:

# smbclient //localhost/IPC$ -UAdministrator -c 'ls'
Enter Administrator's password:
tdb(/usr/local/samba/var/lock/gencache_notrans.tdb): tdb_lock failed on list 129 ltype=3 (Invalid argument)
tdb(/usr/local/samba/var/lock/gencache_notrans.tdb): tdb_lock failed on list 113 ltype=3 (Invalid argument)
tdb(/usr/local/samba/var/lock/gencache_notrans.tdb): tdb_lock failed on list 113 ltype=3 (Invalid argument)
tdb(/usr/local/samba/var/lock/gencache_notrans.tdb): tdb_lock failed on list 113 ltype=3 (Invalid argument)
Domain=[RW] OS=[Windows 6.1] Server=[Samba 4.5.4]
NT_STATUS_ACCESS_DENIED listing \*
#

By the way, I don’t receive these tdb_lock failure messages when
looking up shares as a regular user.

Any ideas why "net rpc" commands don’t work for me?

Thanks,
Alnis


--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba

Marc Muehlfeld via samba

Jan 29, 2017, 11:50:02 AM

Hello Alnis,

On 29.01.2017 at 17:27, Alnis Morics via samba wrote:
> But when I try to grant Domain Admins a SeDiskOperatorPrivilege, I get
> this:
>
> # net rpc rights grant "RW\Domain Admins" SeDiskOperatorPrivilege -U
> "RW\administrator"
> Enter RW\administrator's password:
> Could not connect to server 127.0.0.1
> Connection failed: NT_STATUS_UNSUCCESSFUL

https://wiki.samba.org/index.php/Troubleshooting_Samba_Domain_Members#The_net_Command_Fails_to_Connect_to_the_127.0.0.1_IP_Address


Regards,
Marc

Alnis Morics via samba

Jan 29, 2017, 12:40:03 PM


On 01/29/2017 18:41, Marc Muehlfeld wrote:
> Hello Alnis,
>
> On 29.01.2017 at 17:27, Alnis Morics via samba wrote:
>> But when I try to grant Domain Admins a SeDiskOperatorPrivilege, I get
>> this:
>>
>> # net rpc rights grant "RW\Domain Admins" SeDiskOperatorPrivilege -U
>> "RW\administrator"
>> Enter RW\administrator's password:
>> Could not connect to server 127.0.0.1
>> Connection failed: NT_STATUS_UNSUCCESSFUL
> https://wiki.samba.org/index.php/Troubleshooting_Samba_Domain_Members#The_net_Command_Fails_to_Connect_to_the_127.0.0.1_IP_Address
>
>
> Regards,
> Marc
>
Thank you, Marc.

Yes, I already tried that. The result is:

net rpc -I 192.168.0.192 rights list -U administrator
Enter administrator's password:
Could not connect to server 192.168.0.192
Connection failed: NT_STATUS_UNSUCCESSFUL

And, as I said, my smbd is listening on all addresses. And the error
message is a bit different: not NT_STATUS_CONNECTION_REFUSED, as in that
example, but NT_STATUS_UNSUCCESSFUL -- a generic one.

Alnis

Alnis Morics via samba

Jan 29, 2017, 2:00:04 PM

Ok, if I raise the log level to 10, I get 7 more lines at the end:
...
Could not connect to server 192.168.0.192
Connection failed: NT_STATUS_UNSUCCESSFUL
failed to make ipc connection: NT_STATUS_UNSUCCESSFUL
return code = -1
Opening cache file at /usr/local/samba/var/cache/gencache.tdb
Opening cache file at /usr/local/samba/var/lock/gencache_notrans.tdb
tdb(/usr/local/samba/var/lock/gencache_notrans.tdb): allrecord_mutex_lock() failed: Invalid argument
Could not get allrecord lock on gencache_notrans.tdb: Locking error
Freeing parametrics:
#

Alnis
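The thread never pins down why allrecord_mutex_lock() fails with "Invalid argument" on this 4.5.4 build. tdb's mutex-based locking keeps process-shared, robust pthread mutexes inside the mapped tdb file, so one thing worth checking on a platform where that error appears is whether the C library actually supports such mutexes across a process death. The probe below is an added example, not code from the thread or from Samba; the file name probe.c and the build line are assumptions.

```c
/* Added probe, not Samba's code: tdb's mutex locking relies on process-shared,
 * robust pthread mutexes in the mapped .tdb file. Build: cc -pthread probe.c */
#define _GNU_SOURCE
#include <errno.h>
#include <pthread.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 0 when robust process-shared mutexes behave as tdb expects,
 * otherwise an errno-style code for the step that failed. */
int probe_robust_pshared_mutex(void)
{
    pthread_mutexattr_t ma; pthread_mutex_t *m;
    int rc, status; pid_t pid;

    /* A shared anonymous mapping stands in for the mmap'd tdb file. */
    m = mmap(NULL, sizeof(*m), PROT_READ | PROT_WRITE,
             MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return errno;
    if ((rc = pthread_mutexattr_init(&ma)) != 0) return rc;
    if ((rc = pthread_mutexattr_setpshared(&ma, PTHREAD_PROCESS_SHARED)) != 0) return rc;
    if ((rc = pthread_mutexattr_setrobust(&ma, PTHREAD_MUTEX_ROBUST)) != 0) return rc;
    if ((rc = pthread_mutex_init(m, &ma)) != 0) return rc;
    pthread_mutexattr_destroy(&ma);

    /* The child takes the lock and exits holding it, like a crashed smbd. */
    if ((pid = fork()) < 0) return errno;
    if (pid == 0) _exit(pthread_mutex_lock(m) == 0 ? 0 : 1);
    if (waitpid(pid, &status, 0) < 0) return errno;
    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) return ENOTSUP;

    /* A robust mutex reports the dead owner instead of staying locked. */
    rc = pthread_mutex_trylock(m);
    if (rc != EOWNERDEAD) return rc != 0 ? rc : ENOTSUP;
    if ((rc = pthread_mutex_consistent(m)) != 0) return rc;
    pthread_mutex_unlock(m);
    pthread_mutex_destroy(m);
    munmap(m, sizeof(*m));
    return 0;
}

int main(void)
{
    int rc = probe_robust_pshared_mutex();
    printf("robust process-shared mutexes: %s\n", rc ? strerror(rc) : "OK");
    return rc ? 1 : 0;
}
```

A non-zero result on the affected host would point at the platform's mutex support rather than at Samba's network configuration; a zero result rules that out.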

Alnis Morics via samba

Jan 30, 2017, 8:50:04 AM

"allrecord_mutex_lock() failed: Invalid argument" looks like a C
interpreter's complaint. I thought maybe there's a conflict between
gcc and the Clang in FreeBSD's base system. So I removed gcc and recompiled
Samba. But no, the errors are exactly the same.

I also have another FreeBSD machine (10.3) where, some months ago, I built
a Samba 4.4.5 AD DC, and there "net rpc" commands work.

Alnis

Alnis Morics via samba

Feb 6, 2017, 3:10:03 AM

One more try. I took the Samba 4.4.9 tarball, built it, and now "net rpc"
commands work as expected, e.g.:

# net rpc rights list -U administrator
Enter administrator's password:
SeMachineAccountPrivilege Add machines to domain
SeTakeOwnershipPrivilege Take ownership of files or other objects
SeBackupPrivilege Back up files and directories
SeRestorePrivilege Restore files and directories
SeRemoteShutdownPrivilege Force shutdown from a remote system
SePrintOperatorPrivilege Manage printers
SeAddUsersPrivilege Add users and groups to the domain
SeDiskOperatorPrivilege Manage disk shares
SeSecurityPrivilege System security
SeSystemtimePrivilege Set the system clock
SeShutdownPrivilege Shutdown the system
SeDebugPrivilege Debug processes
SeSystemEnvironmentPrivilege Modify system environment
SeSystemProfilePrivilege Profile the system
SeProfileSingleProcessPrivilege Profile one process
SeIncreaseBasePriorityPrivilege Increase base priority
SeLoadDriverPrivilege Load drivers
SeCreatePagefilePrivilege Create page files
SeIncreaseQuotaPrivilege Increase quota
SeChangeNotifyPrivilege Register for change notify
SeUndockPrivilege Undock devices
SeManageVolumePrivilege Manage system volumes
SeImpersonatePrivilege Impersonate users
SeCreateGlobalPrivilege Create global
SeEnableDelegationPrivilege Enable Delegation

It appears that 4.5.x introduces something that FreeBSD doesn't like, but
OK. I have now proceeded with 4.4.9 to join Windows clients and stopped at
another problem, but that's a separate topic.

Alnis