[Samba] net groupmap / domain admins problem - Amazon prize

Andrew Judge ajudge at grovenetworks.com
Thu Jan 8 15:50:10 GMT 2004 

samba-client-3.0.0-14.3E
samba-3.0.0-14.3E
samba-common-3.0.0-14.3E

>From RH En v.3 CD.  Do you think that it wouold be better to upgrade?

Andy

-----Original Message-----
From: John H Terpstra [mailto:jht at samba.org]
Sent: Thursday, January 08, 2004 10:44 AM
To: Andrew Judge
Cc: samba at lists.samba.org
Subject: RE: [Samba] net groupmap / domain admins problem - Amazon prize


On Thu, 8 Jan 2004, Andrew Judge wrote:

> One last part that I noticed - the kicker - eventhough the the netlogon
> scripts run, if I create a new user, it won't let me log in.  It's like
the
> account passwords were cached and now it has taken away the domain admin
> rights.

First, as I wrote in my last email, the Domain SID and that stored in
the group_mapping.tdb database MUST be consistent.

Second, what version of Samba are you running? If this is 3.0.1 please
update to 3.0.2pre1. There is a fix in 3.0.2pre1 for a bug you may have
tripped.

- John T.

>
> Andy
>
> -----Original Message-----
> From: samba-bounces+ajudge=grovenetworks.com at lists.samba.org
> [mailto:samba-bounces+ajudge=grovenetworks.com at lists.samba.org]On Behalf
> Of Andrew Judge
> Sent: Thursday, January 08, 2004 9:14 AM
> To: John H Terpstra
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] net groupmap / domain admins problem - Amazon prize
>
>
> Also,
>
> my info is now - and it look like the last 3 digits are supposed to be
> different from the mmain part of the SID, but are not?  Should I try to
> modify the domain '*' SIDs?
>
> [root at fire2 root]# net getlocalsid
> SID for domain FPICSRV is: S-1-5-21-1206063004-3966108128-1487570950
>
> [root at fire2 root]# net groupmap list
> System Operators (S-1-5-32-549) -> -1
> Replicators (S-1-5-32-552) -> -1
> Guests (S-1-5-32-546) -> -1
> Domain Guests (S-1-5-21-3168668608-3928139368-1822977481-514) -> nobody
> Domain Admins (S-1-5-21-3168668608-3928139368-1822977481-512) -> root
> Power Users (S-1-5-32-547) -> -1
> Print Operators (S-1-5-32-550) -> -1
> Administrators (S-1-5-32-544) -> -1
> Account Operators (S-1-5-32-548) -> -1
> Domain Power Users (S-1-5-21-3168668608-3928139368-1822977481-2081) ->
> ntadmins
> Domain Users (S-1-5-21-3168668608-3928139368-1822977481-513) -> users
> Backup Operators (S-1-5-32-551) -> -1
> Users (S-1-5-32-545) -> -1
>
> Andy
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>

--
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list