GPO in xp always creates policy with Domain Admins 2
Matthieu Patou
mat at matws.net
Sat Jul 28 16:57:12 MDT 2012
On 07/28/2012 04:39 AM, steve wrote:
> Hi Everyone
>
> /usr/local/samba/var/locks/sysvol/hh3.site/Policies> ls -la
> total 32
> drwxrwx---+ 5 3000064 Domain Users 4096 Jul 28 10:19
> {702EB7C7-14C4-4BBB-BA8C-F85F3E7B854A}
> drwxrwx---+ 5 3000064 Domain Users 4096 Jul 28 10:32
> {BDFC28AB-5BB9-493E-9A9B-7CFA446DEF6B}
>
> For 3000064, get:
> wbinfo --sid-to-name=S-1-5-21-3605328179-531901682-1830711284-512
> MARINA\Domain Admins 2
>
> What is the 2 for?
Did you rename the domain admins to domain admins 2 ?
Can you do a ldb search like that:
./bin/ldbsearch -H ldap://ip_of_your_dc -Uadministrator '(CN=Domain
Admin*)' dn objectsid
This should list all the entries that have the CN starting with "Domain
Admin"
The other option is a small bug in wbinfo when doing sids to name, can
you try to run this command with valgrind ?
Matthieu.
More information about the samba-technical
mailing list