I'm desperately looking for an answer here...
I've been fighting all week-end with samba-3.0 and there's still something I can't do...
Basically: how can I add some of my users to the Domain admin group ?
I use FreeBSD-5.1+samba3.0RC3. My group maps: Admins du domaine (S-1-5-21-xxxx-512) -> domainadmins Utilisa. du domaine (S-1-5-21-xxxx-513) -> domainusers Invites du domaine (S-1-5-21-xxxx-514) -> domainguests Ordinateurs du domaine (S-1-5-21-xxxx-515) -> domaincomputers
All my users sambaPrimaryGroupSID are set to 513. Now, I added some users to the "domainadmins" group (with the memberUid attribute in LDAP) but they do not get admin priviledges on NT workstations...
What am I missing here ?
I also added "@domainadmins" to the "user admins" parameter in smb.conf, but it does not work.
Any tips would be really appreciated :)
Thanks.
Here is an LDIF file export of one of my users and the domainadmins group:
dn: uid=ajacoutot, ou=utilisateurs, dc=dioranews,dc=com sambaLMPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx sambaPrimaryGroupSID: S-1-5-21-xxxxxxxxxxxxxxxxxxxxxxxxxxxx-513 displayName: Antoine Jacoutot sambaLogonScript: user.bat objectClass: account objectClass: posixAccount objectClass: sambaSamAccount userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxx sambaHomeDrive: Z: uid: ajacoutot uidNumber: 10000 cn: ajacoutot sambaPwdLastSet: 1063621091 sambaAcctFlags: [U ] loginShell: /bin/csh sambaProfilePath: \\TESTBOX\ajacoutot\profile gidNumber: 513 sambaPwdMustChange: 1065435491 sambaNTPassword: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx sambaPwdCanChange: 1063621091 gecos: Antoine Jacoutot sambaSID: S-1-5-21-xxxxxxxxxxxxxxxxxxxxxxxx-21000 description: Utilisateur Dioranews homeDirectory: /exports/home/ajacoutot sambaHomePath: \\TESTBOX\ajacoutot
dn: cn=domainadmins, ou=groupes, dc=dioranews,dc=com sambaSID: S-1-5-21-xxxxxxxxxxxxxxxxxxxxxxxx-512 gidNumber: 512 displayName: Admins du domaine sambaGroupType: 2 memberUid: ajacoutot objectClass: posixGroup objectClass: top objectClass: sambaGroupMapping cn: domainadmins
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
