I have done this successfully with samba 2.2.8a and an LDAP backend with openldap. I had difficulty with the regular smbpasswd file in that I was unable to join. I haven't tried the regular smbpasswd backend in a while because I made the switch to ldap. Is there anything special I need to do with the plain old smbpasswd backend.
Have you done the same with samba 3? I'm looking for the equivalent for samba 3. I created a group called domain-admins, and mapped it with the net groupmap add command. The ntgroup name is "Domain Admins" and I manually set the rid to 512. If I add users to the group, but join the domain with the root account added via smbpasswd, the members of the group are recognized as domain admins. I still can't join the domain with an account from that group. Please help. Bob. "Jean-Rene Cormier" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > My smb.conf is pretty basic, I don't see anything else other than the > domain admin group that would change that behaviour. > > Here's part of my smb.conf: > > [global] > workgroup = DOMAIN > netbios name = SERVER > server string = SERVER > interfaces = 192.168.0.2 127.0.0.1 > bind interfaces only = Yes > encrypt passwords = Yes > passwd program = /usr/bin/passwd %u > username map = /etc/samba/private/usermap > unix password sync = Yes > log file = /var/log/samba/%m > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE > > name resolve order = wins bcast hosts > domain admin group = root, admina, adminb > logon path = \\%N\profiles\%u > logon drive = I: > domain logons = Yes > os level = 35 > preferred master = Yes > local master = Yes > domain master = Yes > wins support = Yes > ldap server = 127.0.0.1 > ldap port = 389 > ldap suffix = "dc=domain,dc=com" > ldap admin dn = "uid=smbadmin,ou=People,dc=domain,dc=com" > ldap ssl = Yes > > Jean-Rene Cormier > > On Fri, 2003-10-31 at 11:36, werner maes wrote: > > I'm glad it works for you :-) > > can you give some configuration details of smb.conf? > > > > I have: domain admin group = root ldaptest. > > > > Werner > > > > At 11:27 31/10/2003, Jean-Rene Cormier wrote: > > >I just reformatted a computer and I joined it with my regular username > > >which doesn't have uid=0 and is not mapped to root either. I thought > > >that maybe it was because the machine account was already in LDAP so I > > >booted up another Windows in VMWare and removed it from the domain and > > >changed the computer name to one that wasn't already in LDAP and I was > > >able to join it with the same username. I'm using the "domain admin > > >group" and it seems to be working fine. Running on Samba 2.2.8a btw. > > > > > >Jean-Rene Cormier > > > > > >On Fri, 2003-10-31 at 10:37, Thiago Lima wrote: > > > > The user MUST be root, if you want to use another user map it to root in > > > > smbusers. > > > > > > > > > > > > regards. > > > > thiago. > > > > > > > > > > > > > I tried to add a computer to a Samba domain using another account > > > > > (testuser) than root. > > > > > I use LDAP for authentication and added the account > > > > > (testuser) with uid=0 > > > > > in ldap. If I use this account to add an computer to the > > > > > domain I get the > > > > > error: "Access is denied". > > > > > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba