Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

Hybrid View

  1. #1

    Post Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Hello,

    I ingressed my openSUSE into a Windows domain, and everything is working fine (using YAST w SSSD).

    So now I want to be able to manage my shares (subfolders) permissions using a DOMAIN/Adm account. To do that, I found out that I need to grant SeDiskOperatorPrivilege to it (right?).
    Problem is, with
    Code:
    net rpc rights grant "WINDOMAIN\Administrator" SeDiskOperatorPrivilege -U "WINDOMAIN\Administrador"
    I got
    Code:
    Connection failed: NT_STATUS_NO_LOGON_SERVER
    I searched for this error, but couldn't find a solution yet, since most of ppl were saying it was a DNS problem, but I'm into the domain, I can ping other machines by name, my DNS is the DNS server as well and I can even login with domain credentials....

    Any help would be apreciated.

  2. #2
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    5,039

    Question Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by None View Post
    I got
    Code:
    Connection failed: NT_STATUS_NO_LOGON_SERVER
    Hello and, welcome to this Forum.

    The error is indicating that, the ADS Logon Server can not be found.

    BTW, I note that, you've been using the archived Leap 15.0 documentation – For Leap 15.3 please use the documentation here – <https://doc.opensuse.org/>.

  3. #3

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by dcurtisfra View Post
    Hello and, welcome to this Forum.

    The error is indicating that, the ADS Logon Server can not be found.

    BTW, I note that, you've been using the archived Leap 15.0 documentation – For Leap 15.3 please use the documentation here – <https://doc.opensuse.org/>.
    Hello! Thanks! Gonna use the updated docs.

    Yes, I can login with AD credentials:


    Running "klist" shows a valid ticket as well.

  4. #4
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    5,039

    Question Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by None View Post
    Yes, I can login with AD credentials:
    Yes, but, the login indicates an error – “The login directory doesn't exist” …
    • Which is possibly related to the “Active Domain Logon Server not found” error.

    Are you certain that, the server's IP address has been correctly set-up?
    • Also the IPv6 address …

  5. #5

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by dcurtisfra View Post
    Yes, but, the login indicates an error – “The login directory doesn't exist” …
    Which is possibly related to the “Active Domain Logon Server not found” error.
    Are you certain that, the server's IP address has been correctly set-up?
    Also the IPv6 address …
    I thought this message was caused by not enabling "Create Home Directory" at SSSD settings. It's Ok to let if off, right?


    User Logon Management


    User Logon Management -> Auth Settings -> SSSD


    Network Settings



    Checked:

    • IPv4 = OK DHCP
    • IPv6 = disabled (I don't use it)


    • /etc/resolv.conf =
      search mydomainname.local
      nameserver 192.168.0.232
      (that's my DC/DNS)


    • IP addr =



    Where should I check for misconfiguration? Idk where to look other than these...

    Thanks.

  6. #6
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    5,039

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by None View Post
    User Logon Management -> Auth Settings -> SSSD
    The machine isn't a member of a Network Domain – the complete host name, including the Network Domain, isn't resolvable.

    BTW, AFAIK, attempting to use Windows 10 or later without IPv6 isn't a good idea …

  7. #7

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by dcurtisfra View Post
    The machine isn't a member of a Network Domain – the complete host name, including the Network Domain, isn't resolvable.
    Right.. I left Domain, and tried to join again:

    "No DNS domain configured", but following the docs, I entered my DNS server IP at "Name Server 1" before joining... am i missing something?

    Quote Originally Posted by dcurtisfra View Post
    BTW, AFAIK, attempting to use Windows 10 or later without IPv6 isn't a good idea …
    It's because I only have an IPv4 DHCP server..

  8. #8
    Join Date
    Feb 2010
    Location
    Germany
    Posts
    5,039

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by None View Post
    "No DNS domain configured", but following the docs, I entered my DNS server IP at "Name Server 1" before joining...
    The Server's IP address ain't a Domain.
    • The Domain Name Server must have a Domain Name configured pointing to the Domain where the Names are being served.

  9. #9

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Quote Originally Posted by dcurtisfra View Post
    The Server's IP address ain't a Domain.
    • The Domain Name Server must have a Domain Name configured pointing to the Domain where the Names are being served.
    So, new error

    /etc/resolv.conf
    search mydomain.local
    nameserver 192.168.0.232


    users auth


    btw I checked DNS server records and if the machine appeared on DC, just to be sure


    SeDiskOperatorPrivilege


    any idea what should I check for?

  10. #10

    Default Re: Manage Shared Folder Permissions from Domain - Error with SeDiskOperatorPrivilege

    Nope. Not working.

    Reinstalled the system, I did nothing but followed the docs (15.3). Joined domain succefully, IP, DNS server, domain name, domain controller, everything looks fine as far as I can tell, both on openSUSE and DC records.
    Can't login with domain creds, and sure can't grant permissions.

    Since I can't find a sollution, or if it's fixable at all, I think I'm done.
    Anyway, thanks for helping @dcurtisfra.

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •