[Samba] User lost domain admin privileges
Loren M. Lang
lorenl at alzatex.com
Fri Mar 23 16:15:24 MDT 2012
Recently, something broke in Samba, my user, lorenl, is no longer an
Administrator on any local workstations. I am the only administrator
for this network, and there's nothing I've done related to any Samba
configuration changes recently. On all workstations, I've checks that
DOMAIN\Domain Admins is listed in the Administrators group. I ran this
command from the Command Prompt and see lorenl listed:
net group /domain "Domain Admins"
But somehow when I log onto any workstation, I do not gain admin
privileges. Is there some way to ask Windows which groups my logon
session includes?
On the server, I have both a Primary Domain Controller running Samba
3.2.3-1ubuntu3.8 and a Backup Domain Controller running Samba
3.0.28a-1ubuntu4.17. Both have an LDAP server behind them running on
the same hardware. The BDC has an LDAP server which uses LDAP Sync
replication from the PDC's LDAP server. I have Domain Admins set up as
a Samba Group mapping to the UNIX group admins of which lorenl is also a
part of. There have been no significant changes to this set-up that I
am aware of since 2009 so I have no idea what broke recently.
--
Loren M. Lang
lorenl at alzatex.com
http://www.alzatex.com/
Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B
More information about the samba
mailing list