On Monday 03 July 2006 13:45, Steve A wrote: > This is part of a larger post that was maybe too complicated for me to get > the right answer, so I'm breaking it down and will do it bit by bit. > > Server is Samba-3 PDC, clients are NT4 & XP. > > I can join the domain using root credentials (so the add machine script > works), but not when using 'administrator'. > > unixuser 'administrator' has primary unixgroup 'ntadmins'. > 'ntadmins' is mapped to sambagroup 'Domain Admins'. > Samba 'administrator' has SID from <net getlocalsid>-500 > > I cannot join the domain using 'administrator' - I get error "The machine > account for this computer either does not exist or is anaccessible". But > if I change the unix uid/gid for 'administrator' - it works. > > So... > > 1. > To clarify, does Samba automatically map usernames in smbpasswd to > identical unix usernames? > > 2. > I was referred to the 'net' command to map some NT rights to NT groups. > However, when I type 'net rpc rights list accounts' there are no domain > groups listed, only 'BUILTIN\...' groups. Is this correct? Because I > would like to add the SeMachineAccountPrivilege to the > DOMAIN\Administrators group (if that's the right way to solve my problem). >
Suggest you read the chapter in the Samba3-HOWTO regarding User Rights and Privileges. The answer to your question is in there. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
