Réf. : [Samba] Samba Beta 3 + LDAP: user in mapped group "Domain Admins" isn't a domain admin when he logs on

stephane.purnelle at corman.be stephane.purnelle at corman.be
Thu Jul 17 10:36:42 GMT 2003


You cannot add one attribute "memberuid" with comma separator.
You can add more than one attribute "memberUid"

example :
...
memberUid root
memberUid administrateur
memberUid administratror



-----------------------------------
Stéphane PURNELLE                         stephane.purnelle at corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467


                                                                                                                                                     
                    "" <g_goebel at vo.lu>                                                                                                              
                    Envoyé par :                                           Pour :  samba at lists.samba.org                                             
                    samba-bounces+stephane.purnelle=corman.be at lists        cc :                                                                      
                    .samba.org                                             Objet :      [Samba] Samba Beta 3 + LDAP: user in mapped group "Domain    
                                                                           Admins"      isn't a domain admin when he logs on                         
                                                                                                                                                     
                    17/07/03 12:21                                                                                                                   
                                                                                                                                                     
                                                                                                                                                     




Hi,

I have the group "root" and user "root" who is in the group "root".
I have successfuly mapped the unixgroup root to the ntgroup Domain Admins.
Command :
net groupmap add sid=S-1-...-512 unixgroup=root ntgroup="Domain Admins"
type=domain

I the LDAP directory samba added the objectclass sambaGroupMapping with the
appropriated attributes. Furthermore I have added the addribute "memberUid"
to
the element of the group "root". I have added a comma seperated list of the
who have to be in that group.

When I run "net groupmap list", I get the output :
Domain Admins (S-1-5-21-90685517-1016115244-2338707762-512) -> root

When I try to log on to the Windows machine, I am a normal user, who cannot

change the ip address for example.
The group "<DOMAINNAME>\Domain Admins" is in the group of the local
Administrators.

What's wrong ????

Thanks for any answer

Georges Goebel

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba







More information about the samba mailing list