[Samba] Samba Beta 3 + LDAP: user in mapped group "Domain Admins" isn't a domain admin when he logs on

g_goebel at vo.lu g_goebel at vo.lu
Thu Jul 17 10:21:14 GMT 2003


I have the group "root" and user "root" who is in the group "root".
I have successfuly mapped the unixgroup root to the ntgroup Domain Admins.
Command : 
net groupmap add sid=S-1-...-512 unixgroup=root ntgroup="Domain Admins" type=domain

I the LDAP directory samba added the objectclass sambaGroupMapping with the
appropriated attributes. Furthermore I have added the addribute "memberUid" to
the element of the group "root". I have added a comma seperated list of the
who have to be in that group.

When I run "net groupmap list", I get the output :
Domain Admins (S-1-5-21-90685517-1016115244-2338707762-512) -> root

When I try to log on to the Windows machine, I am a normal user, who cannot 
change the ip address for example. 
The group "<DOMAINNAME>\Domain Admins" is in the group of the local Administrators.

What's wrong ????

Thanks for any answer

Georges Goebel

More information about the samba mailing list