[Samba] Problem with RID,SID and usrmgr

[TSZ]

Hello,

First of all, I would like to say that this is my third attempt to make 
Samba working as PDC. On the very beginning I had a problem with machine 
account, but after group mapping and cleaning group maps, I was able to 
add it from command line - using smbpasswd (according to this point, I 
would like to ask: "machine" unix group is only allowed for machines? Am 
I not able to use my own like:smbmachines?).

Now I am fighting with usrmgr.exe. When I connect from domain member XP 
station as root and choice one of the listed users, I have recived sth 
like this in logs and usrmgr error:

[2006/05/27 15:41:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)
 get_domain_user_groups: primary gid of user [root] is not a Domain group !
 get_domain_user_groups: You should fix it, NT doesn't like that
[2006/05/27 15:41:29, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
 get_alias_user_groups: gid of user root doesn't exist. Check your 
/etc/passwd and /etc/group files
[2006/05/27 15:41:29, 1] rpc_server/srv_util.c:get_domain_user_groups(298)
 get_domain_user_groups: primary gid of user [root] is not a Domain group !
 get_domain_user_groups: You should fix it, NT doesn't like that
[2006/05/27 15:41:30, 1] smbd/service.c:make_connection_snum(648)
 tws (192.168.0.102) connect to service root initially as user root 
(uid=0, gid=0) (pid 4492)
[2006/05/27 15:41:32, 0] rpc_server/srv_util.c:get_alias_user_groups(206)
 get_alias_user_groups: gid of user tomek doesn't exist. Check your 
/etc/passwd and /etc/group files
[2006/05/27 15:42:12, 1] smbd/service.c:close_cnum(836)
 tws (192.168.0.102) closed connection to service root

When I use command "net group", after entering root's smb password, I 
recive groups list(with double "Domain Admins") with "ads_connect: 
Transport end point is not connected" error.

Command: "net groupmap list" shows me also double "Domain Admins" 
entries and I am not able to delete both of them, only one of them. I've 
tried net groupmap delete,modify with SID,ntgroupname, also net groupmap 
cleanup, but it doesn't work.

So I think that the solution is somewhere connected with a proper 
defining of SID,RID or groupmaps.

Thank you,

This is my smb.conf(only general section):

#======================= Global Settings 
=====================================
[global]
   netbios name = Asterisk
   server string = Asterisk PDC
   workgroup = BB
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
      security = user
   local master = yes
   domain master = yes
   preferred master = yes
   domain logons = yes
   nt acl support = yes
   time server = yes
   wins support = yes
   dns proxy = no
   os level = 33
      logon drive =
   logon path = \\Asterisk\profiles\%U
   logon script = logoon.bat
      lm announce = yes
   lm interval = 120
   name resolve order = wins bcast
      max log size = 50
   log file = /var/log/samba/%m.log
   debug level = 1
      unix charset = ISO8859-2
   dos charset = CP852
      cups options = raw
   load printers = yes
   printcap name = cups
      available = no
   browseable = no
   directory mask = 0777
   force directory mode = 0555
   create mask = 0666
   force create mode = 0444
      printer admin = root
      passdb backend = tdbsam
   null passwords = no
   encrypt passwords = yes
   unix password sync = no
   hosts allow = 192.168.0. 127.
   interfaces = 192.168.0.5 127.0.0.1
   bind interfaces only = yes
   username map = /etc/samba/smbusers
   add user script = /usr/sbin/useradd -m %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   add machine script = /usr/sbin/useradd -n -g machines -d
dev/null -s /bin/false %u