Using current samba 3.0.23d package on debian etch. Joined AD, everything works but when doing something like: net rpc group add demo -L Could not connect to server 127.0.0.1 The username or password was not correct. Connection failed: NT_STATUS_LOGON_FAILURE or when doing: net rpc group add demo -L -U administrator Password: add alias failed: NT_STATUS_ACCESS_DENIED also at the same time log spits this out: [2007/01/15 22:24:54, 0] auth/auth_util.c:create_builtin_administrators(785) create_builtin_administrators: Failed to create Administrators [2007/01/15 22:24:54, 0] auth/auth_util.c:create_builtin_users(751) create_builtin_users: Failed to create Users I did some mappings, so running this: net groupmap list Domain Admins (S-1-5-21-2251837095-2786957548-4043407633-512) -> root Domain Guests (S-1-5-21-2251837095-2786957548-4043407633-514) -> nogroup Domain Users (S-1-5-21-2251837095-2786957548-4043407633-513) -> users I'm not using LDAP, only tdbsam. wbinfo -m shows only joined AD domain, should it show domain and local domain too? Also when doing getent group "domain users" does not list everyone, maybe only one user. Usually after reboot, it lists everyone but then after awhile the list becomes empty. Is it even possible to use nested groups(local groups) on samba when its in the ADS mode? Is it an issue with debian packages? Can anyone help? I'm trying to build ADS member file server without hustle of adding extra groups to AD, and manage permissions by using local groups on samba. Thanks, --Vlad
