Error with SeDiskOperatorPrivilege - NT_STATUS_NO_LOGON_SERVER

None_

New Member
Credits
41
Hello!

I ingressed my openSUSE into a Windows domain, and everything seems to be working: I'm able to login with adm credentials¹, I can ping servers by their names, and my shares are acessible in the network (with 777).

So now I want to be able to manage my shares (subfolders) permissions using a DOMAIN/Adm account. To do that, I found out that I need to grant SeDiskOperatorPrivilege.
The problem is, when i do net rpc rights grant "DOMAIN\Admins" SeDiskOperatorPrivilege -U "DOMAIN\Administrador , I got:
Code:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_NO_LOGON_SERVERS
I used SSSD to join the Domain, (YaST -> Security and Users -> User and Group Management)
1633619050949.png


1 -
Someone pointed out that when I logon with a domain user into the server, this message about the directory is related to the problem:
1633619151675.png

although I thought it was about not enabling "Create Home Directory" in the SSSD settings...

I checked:
IPv4 = DHCP
IPv6 = disabled (I don't use it)
/etc/resolv.conf =
Code:
search mydomainname.local
nameserver 192.168.0.232
232 = my DC/DNS

So, if someone can help me find out what is the problem or misconfiguration, I'll really apreciate.

Thanks!
 


None_

New Member
Credits
41
alright, tried to leave/join Domain again, and got this:
1633629034501.png

But looking at Network Config and /etc/resolv.conf, the DNS IP is there as nameserver...
 

tpstech

New Member
Credits
6
I am struggling with the same error, although somewhat different config. What is strange is that, just as you say, many things work. I am running Ubuntu 20.04.
 

jpnilson

Member
Credits
485
I am struggling with the same error, although somewhat different config. What is strange is that, just as you say, many things work. I am running Ubuntu 20.04.
With 20.04.3 you can automatically configure to connect with your domain controller at installation. You will need to have an account with enough administrative authority to join the domain. A lot easier than configuring from scratch. When you login with a valid domain user your system should create a home directory for the user. Also note that your domain account will not be a part of sudoers by default. You will have to configure sudoers for the individual user of you can configure a group on your domain controller to control sudoers with a group. I did the latter and can basically drop configuration into sudoers once and can make any changes to who has access by dropping in or removing a user from the group on the domain controller.
 

jpnilson

Member
Credits
485
Hello!

I ingressed my openSUSE into a Windows domain, and everything seems to be working: I'm able to login with adm credentials¹, I can ping servers by their names, and my shares are acessible in the network (with 777).

So now I want to be able to manage my shares (subfolders) permissions using a DOMAIN/Adm account. To do that, I found out that I need to grant SeDiskOperatorPrivilege.
The problem is, when i do net rpc rights grant "DOMAIN\Admins" SeDiskOperatorPrivilege -U "DOMAIN\Administrador , I got:
Code:
Could not connect to server 127.0.0.1
Connection failed: NT_STATUS_NO_LOGON_SERVERS
I used SSSD to join the Domain, (YaST -> Security and Users -> User and Group Management)
View attachment 10474

1 -
Someone pointed out that when I logon with a domain user into the server, this message about the directory is related to the problem:
View attachment 10475
although I thought it was about not enabling "Create Home Directory" in the SSSD settings...

I checked:
IPv4 = DHCP
IPv6 = disabled (I don't use it)
/etc/resolv.conf =
Code:
search mydomainname.local
nameserver 192.168.0.232
232 = my DC/DNS

So, if someone can help me find out what is the problem or misconfiguration, I'll really apreciate.

Thanks!
I'm not sure what is going on but I don't think you were able to successfully join that machine to the domain. The directory does not exist message is just that you were not denied I don't think it exists. Your terminal prompt looks like what I would expect if you were logged in locally. It also looks like the change to another directory is part of your bash configuration. The directory structure also looks wrong. If you have access to the domain controller I would check you computer, group and user entries are configured correctly.
 
Last edited:

None_

New Member
Credits
41
I am struggling with the same error, although somewhat different config. What is strange is that, just as you say, many things work. I am running Ubuntu 20.04.
If you find a fix, please post it here. I'll update you as well.

I'm not sure what is going on but I don't think you were able to successfully join that machine to the domain. The directory does not exist message is just that you were not denied I don't think it exists. Your terminal prompt looks like what I would expect if you were logged in locally. It also looks like the change to another directory is part of your bash configuration. The directory structure also looks wrong. If you have access to the domain controller I would check you computer, group and user entries are configured correctly.
So, I checked everything again, managed to successfully join domain (without warnings at least):

1633783450027.png


I checked DNS server records and if the machine appeared on DC, just to be sure...

SeDiskOperatorPrivilege now gives:
1633784312004.png


Funny enough, I can't login with domain creds anymore. I think I'll try to reinstall everything ):
 

None_

New Member
Credits
41
Nope. Not working.

Reinstalled the system, I did nothing but followed the docs (15.3). Joined domain succefully, IP, DNS server, domain name, domain controller, everything looks fine as far as I can tell, both on openSUSE and DC records.
Can't login with domain creds, and sure can't grant permissions (NT_STATUS_CONNECTION_REFUSED).

Since I can't find a sollution, or if it's fixable at all, I think I'm done...
Anyway, thanks for helping @jpnilson, and good luck @tpstech.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Staff online

Members online


Latest posts

Top