On Sat, 27 Sep 2003, Chris Smith wrote: > A "net groupmap list" show 2 each of "Domain Admins" and "Domain Guests" as > marked below with ** and *** respectively. > > System Operators (S-1-5-32-549) -> -1 > Replicators (S-1-5-32-552) -> -1 > Guests (S-1-5-32-546) -> -1 > Power Users (S-1-5-32-547) -> -1 > Print Operators (S-1-5-32-550) -> -1 > Administrators (S-1-5-32-544) -> -1 > **Domain Admins (S-1-5-21-1068423669-2868761170-579274183-512) -> -1 > Account Operators (S-1-5-32-548) -> -1 > ***Domain Guests (S-1-5-21-1068423669-2868761170-579274183-514) -> -1 > Domain Users (S-1-5-21-1068423669-2868761170-579274183-513) -> users > **Domain Admins (S-1-5-21-2884117546-2866258145-1073336595-512) -> -1 > Backup Operators (S-1-5-32-551) -> -1 > Users (S-1-5-32-545) -> -1 > ***Domain Guests (S-1-5-21-2884117546-2866258145-1073336595-514) -> -1 > > A "net groupmap delete ntgroup="Domain Admins"" looks like it works: > "Sucessfully removed Domain Admins from the mapping db" but yet the multiples > remain. Is this normal and if not what can or should be done.
It looks here as if you changed either the domain name or the machine name of your Samba server. That will result in the duplicate entries you see here. To correct this, stop Samba, delete the group_mapping.tdb file. Then restart Samba and do not forget to map your Domain groups to valid UNIX groups. The Domain Admins group (RID=512) should be mapped to root (GID=0) so that you have true equivalency of administrative rights in both Windows and UNIX environments. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
