Dear all I have install samba + ldap and it is successfully joing the domain but problem is when i login in XP machine with Administrator account of samba i cannot change anything in XP even not system time so is it problem of privileges ?? $ cat ~/satish/url.txt http://www.linuxbug.org _____________________________________________________________________________________________________ --------------------------------- 5, 50, 500, 5000 - Store N number of mails in your inbox. Click here.
satish patel wrote:> Dear all > > I have install samba + ldap and it is successfully joing the domain but problem is when i login in XP machine with Administrator account of samba i cannot change anything in XP even not system time so is it problem of privileges ??Get a copy of MS's ifmember.exe and issue it with the /list switch while logged into Windows with a domain account. That will show you which groups you are a member of on the domain and local workstation. Likely you have something amiss in the group mapping area. I cover that sort of thing in my Samba presentation: "Samba 3 PDC for Windows Clients and Samba 3 Book Review" http://www.lueckdatasystems.com/pub/presentations/iccm2007.pdf Start on page 7 of the presentation. I do not use LDAP in this presentation, so the EXACT solution will be different in your case. -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/
satish patel wrote:> i have created root > account and map root account with Administrator /etc/samba/smbuser fileI have never heard of such a file... > i have created root account I have specifically avoided creating an account named root. Since Ubuntu which we are now using uses a sudo environment, seems a wise decision way back when. Still, I do not think that alone is your source of trouble.> and root UID=0 and memeber of Domain Admin group. but still when i am > login in XP client machine with root user in samba Domain i dont have > much privielges on XP machine even i can not change my XP client > machine System TimeDid you get a copy of ifmember.exe and run it with the /list option to see which local and domain groups you are a member of? What did it return? Are you a member of the local Administrators group or not? (Sounds like not.) satish patel wrote: > dear your URL PDF is damage so that could not open properly Works fine for us with both Linux and Windows and the Acrobat / Firefox for those platforms. -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/
satish patel wrote:> Dear thanx for cordinate wid me > > I send my example files what i going to tell when i > configure samba without LDAP then i am able to login in XP machine with > root with full privileges at that time my root user group of Domain > Admin Group ok.When you configure Samba without LDAP, then I think group mappings would end up referring to file: /var/lib/samba/group_mapping.tdb While configured as LDAP as the back end, it is necessary to map domain groups to local workstation groups, which can be done via: net groupmap add ... commands as illustrated on page 8 of the presentation I referred to. Otherwise you will only have the default information pre-populated when you prep the LDAP server for use with Samba. Thus I can understand why you get different results when you change database back-ends. Have you yet checked "ifmember.exe /list" and have it show what groups your test ID is actually a member of? -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/