[Samba] user/group issues

Matt Lung matt.lung at midwest-tool.com
Mon Jan 20 19:11:00 GMT 2003


I have a RH 7.1 box running samba-2.2.4-2 acting as a PDC to our LAN. 
 For the most part all our clients are 95/98 and NT 4.  

The problem I am experiencing is that when I want to add a Domain User 
to a local group on a Win2k box it gives me the error:

"unable to lookup user names for display."

Now, I can add myself (the one logged in) to the group on the Win2k box, 
but any other user I try to add gets that error message.  My user is a 
super user that is automatically given admin rights on the machine and 
it seems  I should be able to add more users than just me to the group 
just like on NT 4.  If I slide over to an NT 4 box and try the same 
thing... adding a Domain user to the local Power Users group other than 
my user it works just fine.  I can add as many as I please.   On the 
Win2k box if I have the Domain user log in one time and logoff I can 
then log in to the Domain as my superuser and add them to the group.  It 
seems to like the fact that they have logged into the workstation before 
I can add them.  On a side note... I have upgraded to samba-2.2.7 on a 
clone of that server and still have the same problems.  I would think if 
its not a problem doing it with NT 4 then you should be able to do the 
same in 2K.  Of course, thats not the case right now with my setup.  My 
question to anyone who can help me... is this this normal for 2K at the 
present time?  Or is there something else wrong that I need to fix?


Smb.conf output:

# Global parameters
        workgroup = XXX
        netbios name =
        server string = Samba PDC Server v.2.2.4
        encrypt passwords = Yes
        update encrypted = Yes
        min passwd length = 6
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
        username map = /etc/samba/smbusers
        password level = 4
        unix password sync = Yes
        log file = /var/log/samba/log
        max log size = 0
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        domain admin group = @ntadm
        add user script = /usr/sbin/useradd -d /dev/null -g 100 -s 
/bin/false -M %u
        logon script = %U.bat
        logon drive = H:
        logon home = \\%N\%U\%u
        logon path =
        domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        dns proxy = No
        wins support = Yes
        hide local users = Yes
        admin users = administrator
        printer admin = @ntadm

        comment = Home Directories
        read only = No
        browseable = No

        comment = Network Logon Service
        path = /home/netlogon
        invalid users = bin adm daemon lp sync shutdown halt mail news 
uucp operator games gopher ftp gdm postgres vacation named rebound
        guest ok = Yes
        browseable = No

More information about the samba mailing list