Samba Member Server Troubleshooting
This page will treat common problems when setting up or running a Samba AD Member server.
SeDiskOperatorPrivilege can't be set
You want to set SeDiskOperatorPrivilege on your member server to manage your share permissions but you get an error like this:
# net rpc rights grant 'SAMDOM\Domain Admins' SeDiskOperatorPrivilege -U'SAMDOM\administrator' Enter SAMDOM\administrator's password: Could not connect to server 127.0.0.1 The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE
In this case you need to create a user mapping file (i.e. /etc/samba/user.map) with the following content:
!root = SAMDOM\Administrator SAMDOM\administrator
After this you need to add a parameter to the [global] section of your smb.conf:
username map = /etc/samba/user.map
Restart or reload samba and you will then be able to set SeDiskOperatorPrivilege with the administrator account:
# net rpc rights grant 'SAMDOM\Domain Admins' SeDiskOperatorPrivilege -U'SAMDOM\administrator'