[Samba] builtin groups are not mapped by winbind

Anderson Sampaio Mello anderson.sampaio.mello at gmail.com
Fri May 20 01:31:34 UTC 2022


Thanks for the reply Rowland.

But actually I want to map these groups to groups builtins, that's why I
reported such a problem.

The suggested command generates the same output as shown but the mapping is
not done for other BUILTIN user groups, only the groups
"BUILTIN\Administrators", "BUILTIN\Guests", "BUILTIN\Users" are mapped
automatically.

I would like to know why mapping is not done for BUILTIN groups:

"BUILTIN\Account Operators"
"BUILTIN\Server Operators"
"BUILTIN\Backup Operators"
"BUILTIN\Print Operators"
"BUILTIN\Replicator"

As is done for "BUILTIN\Administrators", "BUILTIN\Guests", "BUILTIN\Users" ?

If anything, it's that BUILTIN group mappings are created inside
group_mapping.tdb and not in winbindd_idmap.tdb

Em seg., 16 de mai. de 2022 às 05:03, Rowland Penny via samba <
samba at lists.samba.org> escreveu:

> On Fri, 2022-05-13 at 02:14 -0300, Anderson Sampaio Mello via samba
> wrote:
> > Hello samba team.
> >
> > I have a samba configured as a member server of a samba4 domain. This
> > member server is version 4.15.5
> >
> > The big problem is that the member server winbind does not generate
> > the
> > gids for some BUILTIN groups, for example:
> >
> > Account Operators
> > Server Operators
> > Backup Operators
> > Print Operators
>
> I wouldn't worry it, that doesn't work for myself on a Unix domain
> member, but these do:
>
> sudo wbinfo --name-to-sid="BUILTIN\Account Operators"
> S-1-5-32-548 SID_ALIAS (4)
>
> sudo wbinfo --name-to-sid="BUILTIN\Server Operators"
> S-1-5-32-549 SID_ALIAS (4)
>
> sudo wbinfo --name-to-sid="BUILTIN\Backup Operators"
> S-1-5-32-551 SID_ALIAS (4)
>
> sudo wbinfo --name-to-sid="BUILTIN\Print Operators"
> S-1-5-32-550 SID_ALIAS (4)
>
> And in reverse:
>
> sudo wbinfo --sid-to-name=S-1-5-32-548
> BUILTIN\account operators 4
>
> sudo wbinfo --sid-to-name=S-1-5-32-549
> BUILTIN\server operators 4
>
> sudo wbinfo --sid-to-name=S-1-5-32-551
> BUILTIN\backup operators 4
>
> sudo wbinfo --sid-to-name=S-1-5-32-550
> BUILTIN\print operators 4
>
> So the code knows who they are. :-)
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list