[prev in list] [next in list] [prev in thread] [next in thread]
List: samba
Subject: Re: [Samba] Only root can use net command, because of permissions of secrets.tdb
From: Andrew Bartlett via samba <samba () lists ! samba ! org>
Date: 2018-10-30 0:47:09
Message-ID: 1540860429.23891.111.camel () samba ! org
[Download RAW message or body]
On Mon, 2018-10-29 at 16:50 -0700, Deft Developer via samba wrote:
> It seems that I can only run "net ads" commands as sudo, otherwise I get an
> error:
>
> Failed to open /var/lib/samba/private/secrets.tdb
>
> This is because secrets.tbd has the permissions 700.
>
> This is the case even for listing users with the machine account:
>
> net ads user -P
>
> Is this the normal behavior? Is there a correct way to configure so that
> ordinary users can use net without sudo?
>
Correct, -P means to read the machine account from secrets.tdb, so this
is a privileged operation and so needs root permissions.
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic