First of all, try to re-join the machine to your domain. Add the machines to a local workgroup (you can assign any name to it), then, after a reboot, try to rejoin the machines to your domain. If this doesn't help, check user data in the LDAP database:
id <username> you should see something like this: uid=10001(administrator) gid=512(Domain Admins) groups=512(Domain Admins),513(Domain Users) Check if the gid is: 512 for Domain Administrators 513 for Domain Users 514 for Domain Guests This is very important, because Windows determines the primary group based on the group id (for example, if you log in to your domain as the "root" user, you won't get administrator privileges on the local computer, because the group ID for root is always zero). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
