become domain admin

Ralf Thater Ralf.Thater at
Fri Nov 19 11:31:25 GMT 1999


I (try to) use Samba21-prealpha (downloaded on 15.11.)
as PDC on HP-UX 10.20 with NT clients.

One question:
How I can configure an account as a domain admin?
Regarding NTDOM-FAQ I add in

  3 group map entries:
   domain group map = /usr/local/samba/lib/ :
        adm="Domain Admins"
   local group map  = /usr/local/samba/lib/
   domain user map  = /usr/local/samba/lib/

Local UNIX groups "adm" and "wheel" contains "user01".

Join my NT Client to samba domain "SAMBADOM"; OK
Logon as SAMBADOM\Administrator or SAMBADOM\user01:
In Logfile: log.{client_name}
[1999/11/19 11:17:38, 0] smbd/uid.c:(370)
  ERROR: become root depth is non zero
[1999/11/19 11:17:38, 0] smbd/uid.c:(390)
  ERROR: unbecome root depth is 0
what happens?

Become local Admin seems OK.

Become domain Admin failed:  WHY ??
 The NT Reskit tool: "ifmember /list"   returns:
        User is a member of group SAMBADOM\xyz.
        User is a member of group \Everyone.
        User is a member of group BUILTIN\Administrators.
        User is a member of group SAMBADOM\Domain Admins.
        User is a member of group NT AUTHORITY\INTERACTIVE.
        User is a member of group NT AUTHORITY\Authenticated Users.

  Domain tools don't work:
  poledit-New Policy-Add User-Browse-List Names From "SAMBADOM" :
        "Unable to browse the selected domain because the following
         occured. Not enough storage is available to process this
        "Not enough storage is available to process this command"
        seems ok  ???

There should no recource problem on my NT Client because I can
administer our other (native) NT domain.

When I use Properties of any (NTFS) file:
        shows all UNIX groups, expect "adm" and "wheel"
        shows also group "Domain Admins", select Members...
                listed Members of UNIX group "adm",
                    INCLUDING "user01",  OK

Any ideas's ?

Thanks in advance, Ralf

More information about the samba-ntdom mailing list