[Samba] Re: DID ANYBODY HERE...
Beast
beast at setuid.com
Mon Aug 4 03:20:45 GMT 2003
Monday, August 4, 2003, 1:53:43 AM, paul wrote:
> Beast wrote:
>> Sorry to puuting all caps subject, but at least i get your
>> attentention right now :-)
>>
>> I just want to ask 1 (one) question to anybody here.
>>
>> Did you ever try samba 3.0b3 and having 'domain admins' global group
>> working on Win2000 client?
> YES!!
> hope that helps ;)
It was help me much, because i though the groupmap is just cosmetic on
this release and still not usable :-)
Glad to see that it works, it gives me confidence to try it more
harder.
May i know how you do it?
This is my environment :
RH9, samba 3.0b3, openldap 2.1.21
All accounts are on ldap
[root at potato root]# net groupmap list
Domain Admins (S-1-5-21-2897595519-3619093474-3625347041-512) -> root
[root at potato root]# getent passwd |grep administrator
administrator:x:0:0:Administrator:/home/administrator:/sbin/nologin
[root at potato root]# getent group |grep administrator
administrator:x:0:
[root at potato root]# pdbedit -Lv administrator
Unix username: administrator
NT username: administrator
Account Flags: [U ]
User SID: S-1-5-21-2897595519-3619093474-3625347041-1000
Primary Group SID: S-1-5-21-2897595519-3619093474-3625347041-1001
Full Name: Administrator
Home Directory:
HomeDir Drive:
Logon Script: logon.bat
Profile Path:
Domain: DJKT
Account desc:
...
With admin uid 0, i can use admin to add machine trust, but when login w2k
client can not recognized it as domain admin (ie. can not change IP
address on client machine etc.)
Tks.
--beast
More information about the samba
mailing list