Samba Member Server Troubleshooting

This page will treat common problems when setting up or running a Samba AD Member server.

SeDiskOperatorPrivilege can't be set

You want to set SeDiskOperatorPrivilege on your member server to manage your share permissions but you get an error like this:

# net rpc rights grant 'SAMDOM\Domain Admins' SeDiskOperatorPrivilege -U'SAMDOM\administrator'
Enter SAMDOM\administrator's password:
Could not connect to server
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE

In this case you need to create a user mapping file (i.e. /etc/samba/ with the following content:

!root = SAMDOM\Administrator SAMDOM\administrator

After this you need to add a parameter to the [global] section of your smb.conf:

username map = /etc/samba/

Restart or reload samba and you will then be able to set SeDiskOperatorPrivilege with the administrator account:

# net rpc rights grant 'SAMDOM\Domain Admins' SeDiskOperatorPrivilege -U'SAMDOM\administrator'