Hi,
I am trying to setup Samba 3 as a PDC (no ldap yet) and I tried mapping the "Domain Admins" group to wheel. I assume this will allow me to use root to login into a Windows XP machine and gain Administrator privileges. Yes, I am able to login into the windows xp client correctly but I found out that the "root" account does not have administrator privileges. being relatively new this, I am unsure on how to troubleshoot this.
Here are some of my configurations:
groupmappings:
Code:
Domain Admins (S-1-5-21-311252733-1558059333-3896668254-1006) -> wheel
Human Resources (S-1-5-21-898213883-2134111175-3202905958-3011) -> hr
Production (S-1-5-21-898213883-2134111175-3202905958-3013) -> prod
Digital Imaging (S-1-5-21-898213883-2134111175-3202905958-3015) -> dip
IT Services (S-1-5-21-898213883-2134111175-3202905958-3007) -> its
Background (S-1-5-21-898213883-2134111175-3202905958-3019) -> flash
Domain Users (S-1-5-21-311252733-1558059333-3896668254-1005) -> domuser
Finance Services (S-1-5-21-898213883-2134111175-3202905958-3009) -> fs
Domain Guests (S-1-5-21-898213883-2134111175-3202905958-132069) -> nobody
Users (S-1-5-21-311252733-1558059333-3896668254-1002) -> users
Code:
global]
workgroup = TPDOMAIN
netbios name = TDPDCSRVR01
passdb backend = tdbsam
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*Password* %n\n *Re-enter*new*password*%n\n*Password*changed*
username map = /etc/smbusers
unix password sync = Yes
log level = 1
syslog = 1
log file = /var/log/samba/%m
max log size = 50
smb ports = 139
name resolve order = wins bcast hosts
printcap name = CUPS
show add printer wizard = No
add user script = pw useradd -m '%u'
delete user script = pw userdel -r '%u'
add group script = pw groupdel '%g'
add user to group script = pw usermod -G '%g' '%u'
add machine script = pw useradd '%u' -s /bin/nologin -d /tmp
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
logon home = \\%L\%U
domain logons = Yes
preferred master = Yes
wins support = Yes
utmp = Yes
map acl inherit = Yes
printing = cups
cups options = Raw
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[netlogon]
comment = Profile Share
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[Profiles]
comment = Profiles
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[its]
comment = Information Technology Services
path = /data/its
/etc/smbusers
Code:
root = Administrator