similar to: Group Nesting

I am running 3.0.10-1.4E on RHEL4. The machine is a ADS member server. I would like to statically map the ADS group "Domain Admins" to the built in "wheel" group so all members of "Domain Admins" are in the "wheel" group. I have looked at the username map option, but I don't want a group of users mapped to a UID (this would defeat what I am trying to

section 13.3.2 of the HOWTO shows that i can add a user to a group with the following command: root# net rpc group addmem "MIDEARTH\Engineers" ajt -Uroot when i execute this command (replaced with my server specific values, of course), i get a NT_STATUS_NO_SUCH_USER error. i can verify that my user DOES exist and that he belongs to the posix group account. i can also verify that the

Sorry about the dumb question: Are the "BUILTIN\Administrators" and "BUILTIN\Users" local (nested) groups supposed to be populated with DOMAINNAME\Domain Administrators and DOMAINNAME\Domain Users (respectively) by default? If I download the Redhat Samba package, they are populated. Not so with a compiled version. I've had a helluva time populating BUILTIN\Administrators

hi list, is it possible with samba v3 and ldap backend to embedd a normal group like "normalgroup" in the group "Domain Administrators" to give members of the group "normalgroup" full administrative rights on workstations? i tried with "net groupmap addmem sid-of-normalgroup sid-of-domain-admins" and "net groupmap addmem sid-of-domain-admins

Hello, It seems that domain user can access share when they are specified in "valid list" but not when "valid list" use local group definition. First if added the domain user "duser" to the group "lgroup" in /etc/group Then i defined a samba share and add the domain user "duser in the "valid list" [lgroup] comment =

Hello, My nt admin made a group for my samba server called Share_Dfsroot_pvcs-cdw_C and added me as a member. I made a nested group on my side with net rpc group add ntcdw -L -Uxxxxx I then added the Share_Dfsroot... with net rpc group addmem ntcdw "DOMAIN+Share_Dfsroot..." -Uxxxxx net rpc group members ntcdw -Uxxxx shows: DOMAIN\Share_Dfsroot... so all looks good. I

I have compiled Samba 3.0.22 on Solaris 10 (sparc.) It has been configured as a PDC with a domain of, say, "SAMBADOMAIN." It has some predefined group mappings for the Administrators and "Domain Admins" group. These mappings were dropped in later versions of Samba. (I have been working with 3.0.24 as well. Unfortunately it doesn't seem to play nice with

Hi, I have a windows 7 machine withouth local administrator account. I need to create such an account. I can log in to the machine with a user on my samba domain. What do I need to do in order to get administrator access, or access to create an local administrator account? I have tried to do this: [root at float samba]# net rpc group addmem "Administrators" 'DOMAIN\username'

On Mon, Jul 13, 2020 at 1:26 PM Rowland penny via samba < samba at lists.samba.org> wrote: > On 13/07/2020 18:18, Douglas G. Oechsler wrote: > > > > Hello! > > > > Ok! I switch the IP inside Member AD > > > 127.0.0.1 localhost > > *> 10.1.1.16 * E-PLANO.ad.mydomain.br <http://E-PLANO.ad.mydomain.br> > > e-plano > > > >

Hi All, I'm trying to add a user to a group using /usr/local/samba/bin/net rpc group addmem room11 dunk -Uroot%password The user is added to the group as far as I can tell but the command returns NT_STATUS_ACCESS_DENIED This is on Solaris 10 (Sparc) and Samba 3.2.1, OS and Samba are both configured to lookup users and groups in LDAP. /usr/local/samba/bin/net rpc group members

Hi samba members, I've searched through google, the archives and RTFM but I can't figure this out. I've got a setup of two different offices with both their own samba PDC, wins, etc. Via OpenVPN i've set up an interdomain trust between the two domains (for now one way, but this will become two ways). One domain is called PSW with bluemoon as PDC, the other PSWINDWG with redmoon as

Hi all, have a samba4 server as AD member (security =ADS). I have no account with "Domain Admin" rights, only a normal account with delegated privilege to managing GPO and for domain join. I can not manage the printserver resp. upload the win drivers. The smb.conf option 'printer admin' is gone with v4. I asked already in irc on #samba and got the advice to "make any

Ubuntu 8.04 Server 64-bit Edition Samba 3.0.28a configured as PDC WinXP - SP2 clients I am following the instructions in http://www.samba.org/samba/docs/man/...#magicnetlogon to add domain users to the winxp clients Power Users group. Code: autopoweruser.sh #!/bin/bash /usr/bin/net rpc group addmem "Power Users" "DOMAIN_NAME\$1" \ -UAdministrator%secret

Hi samba-tool group addmembers stage user ERROR(exception): Failed to add members "user" to group "stage" - Unable to find "user". Operation cancelled. File "/usr/lib/python2.7/dist-packages/samba/netcmd/group.py", line 227, in run add_members_operation=True) File "/usr/lib/python2.7/dist-packages/samba/samdb.py", line 274, in

Greetings, I have Samba 4.4.7 running on several Sparc boxes running Solaris 9 as member servers in an Active Directory environment. (I do not control the AD configuration) I am able to connect to the servers using windows clients and smbclient - the problem I have run into is when I try to add domain users to local groups on the Samba servers I am told the users do not exist. As these

Hi, I've got Samba 3.5.6 (SerNet packages) running on Debian Lenny. User information is stored in LDAP via ldapsam:editposix. I changed both the host name and the workgroup name as I had to move the host to a new internal subnet. I noticed that a new sambaDomainName entry was created (containing a new sambaSID). Unfortunately, the Administrator user still contains both the old sambaSID and

Hi Everyone, I've been getting this error when trying to login from an XP box to a Samba 3 + LDAP PDC, but failed. [2006/03/15 17:48:12, 1] rpc_server/srv_netlog_nt.c:_net_sam_logon(766) _net_sam_logon: user Domain\user has user sid S-1-5-21-3570476861-1302945835-1904156257-3004 but group sid S-1-5-21-790863915-1833833965-864709722-513. The conflicting domain portions are not supported

I am attempting to set the SePrintOperatorPrivilege right on my RHEL 5.2 samba server and need some guidance. The samba box is currently joined to an AD forest in which I have a delegated OU, I do not have a Domain Admin account. Samba seems to want/need an Admin account in order to make changes to the server configuration such as rights. So the question is. Is there away to set a

I have setup samba 3 as a PDC for a set of computers that previously had Domain Users setup to run as local admins under XP, so that anyone that has logged into the domain has local admin access. Whats the best way to replicate this setup so that I don't have to go around to each computer and change the local security policy? Is there a way to assign users to the group domain users? or would

Hi, everyone, Just wondering if anyone had worked out how to assign a user as a Power User in domain context? I have tried: (1) setting the primary group SID to S-1-5-32-547 for that user (2) created a power users' group with the above SID with the user as a member. Setting the primary group SID to the admin group (RID 512) works but is an extremely non-preferred option. This is in a