[Samba] Not seeing the expected group memberships with ifmember.exe
/list
Michael Lueck
mlueck at lueckdatasystems.com
Fri Jun 1 18:13:40 GMT 2007
We have bumped into a most odd problem.
Server:
Debian Etch and their Samba 3.0.24-2
Client:
WinXP SP2, MSI v3, all hot fixes
The following settings are in place on the server:
#!/bin/bash
#
# initGrps.sh
# Map Windows Domain Groups to UNIX groups
net groupmap add ntgroup="Domain Admins" unixgroup=domadmin rid=512 type=d
net groupmap add ntgroup="Domain Users" unixgroup=domusers rid=513 type=d
net groupmap add ntgroup="Domain Guests" unixgroup=domguest rid=514 type=d
# Create some Domain Groups to administer local security
net groupmap add ntgroup=ntadmins unixgroup=ntadmins type=d
net groupmap add ntgroup=ntpwrusr unixgroup=ntpwrusr type=d
net groupmap add ntgroup=ntusers unixgroup=ntusers type=d
net groupmap add ntgroup=ntguests unixgroup=ntguests type=d
When we join the domain, we run roughly the following script:
REM JoinDomain.cmd
NETDOM.EXE JOIN %ComputerName% /Domain:LDS-DEMO /UserD:ldsinst /PasswordD:password
REM Remove domain to local group mapping done by NETDOM
NET LOCALGROUP "Users" "LDS-DEMO\Domain Users" /DEL
NET LOCALGROUP "Administrators" "LDS-DEMO\Domain Admins" /DEL
REM Add domain to local group mapping
NET LOCALGROUP "Administrators" "LDS-DEMO\ntadmins" /ADD
NET LOCALGROUP "Power Users" "LDS-DEMO\ntpwrusr" /ADD
NET LOCALGROUP "Users" "LDS-DEMO\ntusers" /ADD
NET LOCALGROUP "Guests" "LDS-DEMO\ntguests" /ADD
What is specifically missing in "ifmember /list" are:
LDS-DEMO\Domains Admins
LDS-DEMO\ntadmins
We are at least getting membership to:
LDS-DEMO\Domain Users
<><><><><><><><><>
What steps should we try as we try to track down this case of missing group memberships?
--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/
More information about the samba
mailing list