[Samba] Local Administrators (group) and delegation in AD
Rowland Penny
rowlandpenny241155 at gmail.com
Tue Nov 3 08:48:30 UTC 2015
On 03/11/15 08:10, Davor Vusir wrote:
>
>
> No, Davor. That won't work. The delegated user account is not member
> of 'AD\Domain Admins' which is member of the group
> 'SERVER\Administrators'. You have to use the username map to be able
> to add the first AD-group or account to 'SERVER\Administrators'.
>
No, Davor, you don't have to use a username map, as long as you have
samba-tool on your client (which means it has to be a Unix client).
samba-tool group addmembers Domain\ Admins testunixgroup -H
ldap://192.168.0.2 -UAdministrator
192.168.0.2 is the DC
Rowland
More information about the samba
mailing list