[Samba] Domain Users group howto...

John H Terpstra jht at Samba.Org
Mon May 16 20:06:14 GMT 2005 

On Monday 16 May 2005 13:30, Vincent Yonemitsu wrote:
> Cool, but I must be missing something. :)
>
> [root at localhost ~]# net rpc group addmem "Administrators" "Domain Users"
> -S crappyxpbox -Uadministrator%secret
> [2005/05/16 15:32:35, 0] param/loadparm.c:map_parameter(2465)
>   Unknown parameter encountered: "domain admin group"
> [2005/05/16 15:32:35, 0] param/loadparm.c:lp_do_parameter(3153)
>   Ignoring unknown parameter "domain admin group"
> Could not connect to server crappyxpbox
> The username or password was not correct.

What version of Samba are you using? The information I gave you is correct for 
3.0.14a (current stable).

In explanation of the syntax:

net rpc group addmem		= add a group membership
"Administrators"			= The local group "Administrators" on the target machine
"Domain Users"			= The domain global group on the Samba domain
-S crappyxpbox			= The target Windows client
-Uadministrator%secret	= The administrator account and it's password on the 
						target Windows client

>
> What is this for -Uadministrator%secret Is that to supply a local admin
> password.

Nope. It's the admin account and its password on the Windows client.

- John T.

> or does that to relate having already done this and I am not sure what
> this is doing either.
>
> > net rpc user add 'user_name' -Uroot%secret
> > net rpc password 'username' 'new_secret' -Uroot%not24get
>
> On May 16, 2005 03:13 PM, John H Terpstra <jht at Samba.Org> wrote:
> > On Monday 16 May 2005 12:43, Vincent Yonemitsu wrote:
> > > I have setup samba 3 as a PDC for a set of computers that previously
> > > had
> > > Domain Users setup to run as local admins under XP, so that anyone
> > > that
> > > has logged into the domain has local admin access. Whats the best
> > > way to
> > > replicate this setup so that I don't have to go around to each
> > > computer
> > > and change the local security policy?
> > >
> > > Is there a way to assign users to the group domain users?
> > > or would i just do something like
> > > net groupmap modify ntgroup="Domain Admins" unixgroup=smbusers
> >
> > net rpc group addmem "Administrators" "Domain Users" -S MAGGOT
> > -Uadministrator%secret
> >
> > Where MAGGOT is the remote Windows client. This can be done from the
> > Samba PDC
> > or BDC. It can be scripted.
> >
> > > and make everyone an user in smbusers?
> >
> > net rpc user add 'user_name' -Uroot%secret
> > net rpc password 'username' 'new_secret' -Uroot%not24get
> >
> > How does that sound? There will soon be a new chapter in the
> > Samba-HOWTO-Collection that documents use of the 'net' command for
> > local and
> > remote management.
> >
> > - John T.
> > --
> > John H Terpstra
> > Samba-Team Member
> > Phone: +1 (650) 580-8668
> >
> > Author:
> > The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
> > Samba-3 by Example, ISBN: 0131472216
> > Hardening Linux, ISBN: 0072254971
> > Other books in production.
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
>
> Vincent Yonemitsu
> Information Technology Services
> (905)639-3611 ext 153
> yonemitsuv at bpl.on.ca

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.

More information about the samba mailing list