$%#@&^% I forgot to delete the profile. It works. Now I should be able to make a new "Domain Power Users" group with "net groupmap add". How does one find a new sid or can I just increment the last number used like so:
[EMAIL PROTECTED] profiles]# net groupmap list System Operators (S-1-5-32-549) -> -1 Domain Guests (S-1-5-21-1135672234-1853056381-2991119365-514) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Power Users (S-1-5-32-547) -> -1 Print Operators (S-1-5-32-550) -> -1 Domain Users (S-1-5-21-1135672234-1853056381-2991119365-513) -> -1 Administrators (S-1-5-32-544) -> -1 Account Operators (S-1-5-32-548) -> -1 Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> users Domain Admins (S-1-5-21-1135672234-1853056381-2991119365-512) -> dadmin Since S-1-5-21-1135672234-1853056381-2991119365-514 is the last number displayed I could use: S-1-5-21-1135672234-1853056381-2991119365-515 Also how does one remove a mapping from a local unixgroup? It seems once mapped, I can only ever assign it to a new group or delete the ntgroup and start again. On Thu, 2003-07-24 at 13:18, Jason C. Waters wrote: > Did you try it after deleting the profile? > > George Farris wrote: > > >Well interestingly enough it only works if I make pwruser (which is > >mapped to "Domain Users") be the primary group of the user. This is > >confusing because with the user I have set up for a Domain Admin > >(unixgroup dadmin) dadmin is not it's primary group. > > > >Any thoughts? > > > >On Thu, 2003-07-24 at 12:22, Felipe Alfaro Solana wrote: > > > > > >>On Thu, 2003-07-24 at 18:31, George Farris wrote: > >> > >> > >>>I have also struggled with this problem. It seems one can map a domain > >>>group such as Domain Admins and have it take effect on the workstation > >>>but Power Users is, I think, a local group and it doesn't work even > >>>though one can map a unix group to it. > >>> > >>>So how can one add users to a Power User group and have it take effect > >>>like Domain Admins? > >>> > >>> > >>On Windows, the "Power Users" is a local group, that is, it's members > >>are not stored on a domain controller, but on the local SAM of the > >>machine. Thus, if for an specific machine you want to make all Domain > >>Users to be Power Users, you'll need to use Windows administration tools > >>and *manually* add the "Domain Users" global group to the "Power Users" > >>local group of the machine. > >> > >> -- George Farris [EMAIL PROTECTED] Computer Support Cowichan. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
