Réf. : [Samba] Samba Beta 3 + LDAP: user in mapped group "Domain Admins" isn't a domain admin when he logs on
stephane.purnelle at corman.be
stephane.purnelle at corman.be
Thu Jul 17 10:36:42 GMT 2003
You cannot add one attribute "memberuid" with comma separator.
You can add more than one attribute "memberUid"
example :
...
memberUid root
memberUid administrateur
memberUid administratror
-----------------------------------
Stéphane PURNELLE stephane.purnelle at corman.be
Service Informatique Corman S.A. Tel : 00 32 087/342467
"" <g_goebel at vo.lu>
Envoyé par : Pour : samba at lists.samba.org
samba-bounces+stephane.purnelle=corman.be at lists cc :
.samba.org Objet : [Samba] Samba Beta 3 + LDAP: user in mapped group "Domain
Admins" isn't a domain admin when he logs on
17/07/03 12:21
Hi,
I have the group "root" and user "root" who is in the group "root".
I have successfuly mapped the unixgroup root to the ntgroup Domain Admins.
Command :
net groupmap add sid=S-1-...-512 unixgroup=root ntgroup="Domain Admins"
type=domain
I the LDAP directory samba added the objectclass sambaGroupMapping with the
appropriated attributes. Furthermore I have added the addribute "memberUid"
to
the element of the group "root". I have added a comma seperated list of the
who have to be in that group.
When I run "net groupmap list", I get the output :
Domain Admins (S-1-5-21-90685517-1016115244-2338707762-512) -> root
When I try to log on to the Windows machine, I am a normal user, who cannot
change the ip address for example.
The group "<DOMAINNAME>\Domain Admins" is in the group of the local
Administrators.
What's wrong ????
Thanks for any answer
Georges Goebel
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list