[Samba] LDAP: Mixing local and LDAP-Users

Denis Witt denis.witt at concepts-and-training.de
Fri Sep 23 02:30:34 MDT 2011

Hi Felipe,

thanks for you reply.

> Once LDAP reports the user is present in the group, the system
> should do the rest. :)

I'll try that.

>> If this isn't possible, is there a way to map more than one
>> group to the rid=512 (ntgroup="Domain Admins")?

> That's also possible, you should use 'net groupmap'

I tried that already, but he keeps telling me that the ntgroup is 
already mapped (to another group).

At the moment, as a workaround, I created an LDAP-User and add him to 
the local Administrator group on every Win7 machine. So at least I can 
use LDAP to change the password, etc.


More information about the samba mailing list