[Samba] net groupmap / domain admins problem - Amazon prize

John H Terpstra jht at samba.org
Thu Jan 8 16:02:31 GMT 2004 

Andy,

I would suggest you first make sure that all SIDs are consistent. The
3.0.0 packages you have should work. We can look to updating if you need
to.


- John T.

On Thu, 8 Jan 2004, Andrew Judge wrote:

> samba-client-3.0.0-14.3E
> samba-3.0.0-14.3E
> samba-common-3.0.0-14.3E
>
> >From RH En v.3 CD.  Do you think that it wouold be better to upgrade?
>
> Andy
>
> -----Original Message-----
> From: John H Terpstra [mailto:jht at samba.org]
> Sent: Thursday, January 08, 2004 10:44 AM
> To: Andrew Judge
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] net groupmap / domain admins problem - Amazon prize
>
>
> On Thu, 8 Jan 2004, Andrew Judge wrote:
>
> > One last part that I noticed - the kicker - eventhough the the netlogon
> > scripts run, if I create a new user, it won't let me log in.  It's like
> the
> > account passwords were cached and now it has taken away the domain admin
> > rights.
>
> First, as I wrote in my last email, the Domain SID and that stored in
> the group_mapping.tdb database MUST be consistent.
>
> Second, what version of Samba are you running? If this is 3.0.1 please
> update to 3.0.2pre1. There is a fix in 3.0.2pre1 for a bug you may have
> tripped.
>
> - John T.
>
> >
> > Andy
> >
> > -----Original Message-----
> > From: samba-bounces+ajudge=grovenetworks.com at lists.samba.org
> > [mailto:samba-bounces+ajudge=grovenetworks.com at lists.samba.org]On Behalf
> > Of Andrew Judge
> > Sent: Thursday, January 08, 2004 9:14 AM
> > To: John H Terpstra
> > Cc: samba at lists.samba.org
> > Subject: RE: [Samba] net groupmap / domain admins problem - Amazon prize
> >
> >
> > Also,
> >
> > my info is now - and it look like the last 3 digits are supposed to be
> > different from the mmain part of the SID, but are not?  Should I try to
> > modify the domain '*' SIDs?
> >
> > [root at fire2 root]# net getlocalsid
> > SID for domain FPICSRV is: S-1-5-21-1206063004-3966108128-1487570950
> >
> > [root at fire2 root]# net groupmap list
> > System Operators (S-1-5-32-549) -> -1
> > Replicators (S-1-5-32-552) -> -1
> > Guests (S-1-5-32-546) -> -1
> > Domain Guests (S-1-5-21-3168668608-3928139368-1822977481-514) -> nobody
> > Domain Admins (S-1-5-21-3168668608-3928139368-1822977481-512) -> root
> > Power Users (S-1-5-32-547) -> -1
> > Print Operators (S-1-5-32-550) -> -1
> > Administrators (S-1-5-32-544) -> -1
> > Account Operators (S-1-5-32-548) -> -1
> > Domain Power Users (S-1-5-21-3168668608-3928139368-1822977481-2081) ->
> > ntadmins
> > Domain Users (S-1-5-21-3168668608-3928139368-1822977481-513) -> users
> > Backup Operators (S-1-5-32-551) -> -1
> > Users (S-1-5-32-545) -> -1
> >
> > Andy
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> >
>
> --
> John H Terpstra
> Email: jht at samba.org
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list