After I joined 2008r2 to samba3, the Domain Admins group was added to the local administrators group and Domain Users was add to Users, but any other group that is my ldap directory does not seem to be available when I search for them. You would expect to be able to login through remote desktop with the root account (should be in Domain Admins) but also this is not possible, it looks like the groups are empty on the 2008r2 server. Users can be selected without problems as DOMAIN\username and added to local groups. 1. Could this because of trust relationship type? Server has samba flags: [W ] 2. Problem with idmapping? Thanks in advance, Marc - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -. F1 Outsourcing Development Sp. z o.o. Poland t: +48 (0)124466845 f: +48 (0)124466843 e: marc at f1-outsourcing.eu