[Samba] Domain Administrator problems

Julian Pilfold-Bagwell jpb at bordengrammar.kent.sch.uk
Wed Feb 6 14:06:05 GMT 2008

Hi All,

I have a tdbsam backend on Samba PDC and am trying to set a user up as a
domain admin. I read that instead of the old admin users line in
smb.conf you now use net groupmap to map unix groups to NT groups.

I have a user called toni in unix group admins and have run:

net groupmap add rid=512 ntgroup="Domain Admins" unixgroup=admins


net groupmap list gives:

Domain Admins (S-1-5-21-2201139836-2091317229-5964732158-512) -> admins

which is the correct sid for the domain, but doing domain admin like
things, e.g. gpedit, changing network settings etc., on an XP client
leads to warnings that toni is not an administrator.  

Is there something I've missed? Setup is Centos 5.1, Samba 3.0.25 and
smbusers maps root to administrators.



More information about the samba mailing list