[Samba] Reported group membership is different between domain member and Samba ADC
Rowland Penny
rpenny at samba.org
Fri Feb 14 15:36:49 UTC 2025
On Fri, 14 Feb 2025 10:03:33 -0500
"John R. Graham via samba" <samba at lists.samba.org> wrote:
> On my Linux domain members, group membership for my domain login is
> reported as:
>
> terra # id SAMDOM\\jgraham
> uid=11105(SAMDOM\jgraham) gid=10513(SAMDOM\domain users)
> groups=10513(SAMDOM\domain
> users),11105(SAMDOM\jgraham),11120(SAMDOM\wheel),3001(BUILTIN\users)
>
> (I filtered local groups to make the output less noisy.) But on the
> ADC the same command give different results:
>
> dc1 # id SAMDOM\\jgraham
> uid=11105(SAMDOM\jgraham) gid=10513(SAMDOM\domain users)
> groups=10513(SAMDOM\domain users),3000020,3000006(BUILTIN\users)
>
> The difference that's causing me an issue right now is the missing
> membership in the domain "wheel" group. How would I go about
> troubleshooting this?
>
> - John
The real question here is:
Why do you need a group called wheel ?
There isn't one in AD by default, nor on Debian, but redhat uses it,
but it is a local group and shouldn't be in AD.
Rowland
More information about the samba
mailing list