[Samba] permission-problem for groups in samba 3.0.23

Karel Zeman karel.zeman at mat.ethz.ch
Fri Jul 28 09:58:13 GMT 2006

hi everybody,

after updating 3.0.13 to 3.0.23 some groups like "Domain Admins" do not 
have the permissions of the samba 3.0.13.

My question: How are the "special" rights (like Adminstrators, Doman 
Admins, etc in 3.0.13) defined in samba version 3.0.23?

net groupmap add ntgroup=winadmin UNIXgroup=winadmin
ntgroup winadmin should have "Domain Admins" rights.

"Domain Admins" was predefined in samba 3.0.13 but it is not in samba 3.0.23.
even "net groupmap add ntgroup="Domain Admins" UNIXgroup=winadmin" does not
solve the problem.

my migrating-procedure:
- copy smb.conf and smbpasswd, save "old" sid
- delete all caches and secrets.tdb
- create new secrets.tdb (setlocalsid <oldsid>)
- start samba 3.0.23
- net groupmap add.... (for all groups)
- net rpc info -Uroot%<password> and getlocalsid both return the correct 
sid (= oldsid)
- the only difference are rid's but either setting them to the old values 
doesn't help
i would very appreciate it if somebody could help me - thank you in advance,

More information about the samba mailing list