[Samba] Root user shows up as "administrator"

L.P.H. van Belle belle at bazuin.nl
Wed Feb 17 08:22:59 UTC 2021

> The problem with that is, there doesn't seem to be a BUILTIN\Administrator

correct, thats exactly my point. 
ow, and now i see i wrote it wrong.. 

> root at dc4:~# wbinfo -n BUILTIN\\Administrator
> failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
> Could not lookup name BUILTIN\Administrator

I would have expected to see, S-1-5-21-<machine>-500 
And in my opinion, this should be the one we should map. 
what i mean with "builtin\Administrator

The built-in domain, it contains groups that define roles on a local machine.  S-1-5-21-<machine>-500, By default, it is the only user account that is given full control over the system.
So this is the user we should use the map to root. 

in addition. 
BUILTIN_ADMINISTRATORS   S-1-5-32-544   The built-in group. 

After the initial installation of the operating system, the only member of the group is the Administrator account. When a computer joins a domain, the Domain Administrators group is added to the Administrators group. When a server becomes a domain controller, the Enterprise Administrators group also is added to the Administrators group.


And i see I "miss used" BUILTIN\Adminsitrator here.. sorry. 

just, how i see it is.. 

S-1-5-21-<machine>-500 should be mapped to User root. 
BUILTIN_ADMINISTRATORS should be mapped to Group root
BUILTIN_USERS 		should be mapped to Group users
BUILTIN_GUESTS		should be mapped to Group nobody

And resulting in, now its always ok, even if you are without the domain,
if the server isnt AD or domain joined and after its join, the domain groups
are member of the above builtin groups. 

Just my view on it. 



More information about the samba mailing list