[Samba] builtin groups are not mapped by winbind

Rowland Penny rpenny at samba.org
Fri May 20 08:31:22 UTC 2022

On Fri, 2022-05-20 at 09:53 +0200, L. van Belle via samba wrote:
> Good morning people around the world.. 
> @rowland, This script isnt running anymore, can you check/verify it. 
> https://raw.githubusercontent.com/thctlo/samba4/master/samba-check-SePrivile
> ges.sh 
> Can you have a check in it also.  
> This smells like a bug.. 
> All mentioned groups exists.. in the AD as Builtin\GroupNames and
> should how
> with above script. 
> net rpc rights list privileges SeBackupPrivilege
> -UADDOM\\Administrator
> -S$(hostname -f)
> Enter ADDOM\Administrator's password:
> Could not connect to server server.internal.hostname.tld
> Connection failed: NT_STATUS_INVALID_TOKEN
> If its all good. I get *( tested on a old old samba version 4.6.16.) 
> SeBackupPrivilege:
>   BUILTIN\Administrators
> So, I think there is more going on here.. 

I see what you mean, it doesn't work for myself, I will get back to


More information about the samba mailing list