[Samba] No full administrator-permissions on local
machines with samba 3 domain login
Andrew Bartlett
abartlet at samba.org
Wed Mar 10 21:11:49 GMT 2004
On Thu, 2004-03-11 at 01:27, RRuegner wrote:
> Beast schrieb:
>
> > * Joern Frenzel <frenzel at wave-computer.de> nulis:
> >
> >
> >>additonaly to my question. we can not add or change usres in the domain if
> >>we're loged in on a client (as domainadmin sure). and thats wht we want to
> >>do :-(
> >
> >
> >
> > What is pdbedit -Lv administrator says? esp. on primary group SID
> >
> >
> > --beast
> >
> Hi,
> i found the same Problem: group Administrators in win normally should be
> a part of Domain admins, so every member of domain admins should be in
> Administrators automaticly too, but i think this cant be done in unix
Correct. But that is being worked on. However, your implication is
incorrect. It is the windows client that expands the groups, so if you
are correctly a 'domain admin', then you automatically become part of
the 'local administrators'.
Make sure your group mapping is really correct.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040311/291082bc/attachment.bin
More information about the samba
mailing list