[Samba] samba group rights problem (Domain Admins not working)

Jeroen Vriesman linuxificator at gmail.com
Fri Jul 18 11:06:31 GMT 2008


Hi list,

after upgrading our ldap server, the Domain Admins group doesn't work
anymore.

Members of the domain admins group don't have any special rights on the
workstations (for example, they cannot even change the date of a machine in
the
domain anymore).

When I lookup the group members I get:

root at hermes:/etc/samba# net rpc group members 'Domain Admins'
Password:
HIVOS.NL\root
HIVOS.NL\foctaaf
HIVOS.NL\lhilarides
HIVOS.NL\administrator
HIVOS.NL\executor
HIVOS.NL\fbodijn
HIVOS.NL\psomer
HIVOS.NL\jvriesman

And the rights of the group:
root at hermes:/etc/samba# net rpc rights list 'Domain Admins'
Password:
SeMachineAccountPrivilege
SeRemoteShutdownPrivilege
SePrintOperatorPrivilege
SeAddUsersPrivilege
SeDiskOperatorPrivilege

That seems ok, but when I lookup the rights of a member of the Domain Admins
group:

root at hermes:/etc/samba# net rpc rights list 'HIVOS.NL\jvriesman'
Password:
SeAddUsersPrivilege

root at hermes:/etc/samba# net rpc rights list 'HIVOS.NL\psomer'
Password:
<nothing here>

Any idea why members of the Domain Admin group do not get the rights of the
group?

cheers,
Jeroen.


More information about the samba mailing list