[Samba] Re: domain admin --> problem with secrets.tdb

Antoine Jacoutot ajacoutot at lphp.org
Mon Sep 15 15:14:56 GMT 2003

Antoine Jacoutot wrote:
> All my users sambaPrimaryGroupSID are set to 513. Now, I added some 
> users to the "domainadmins" group (with the memberUid attribute in LDAP) 
> but they do not get admin priviledges on NT workstations...
> What am I missing here ?
> I also added "@domainadmins" to the "user admins" parameter in smb.conf, 
> but it does not work.

OK, I found what was causing the problem. But it is not fine :(
Basically, I had some errors about samba not being able to connect to 
ldap because it was not root. In fact, what happened is that some samba 
functions didn't have the right to read secrets.tdb, so I chmod it to 
644 and now everything works great... except that 644 for secrets.tdb in 
NOT a fine setup.
I found some similar cases, googling, but all the bugzilla that were 
reported about it are in state FIXED... so I don't quite understand why 
I am seing this behaviour.


More information about the samba mailing list