Topic: admin user no longer a Domain Admin + solution

[daytron]

I recently migrated a server from 7.0 on one box to 7.1 on another box. I used the dar2 contrib to do the backup on the 7.0 box and restored it on the 7.1 box.

Everything was fine until we noticed that logging in as admin on XP machines no longer gave us Domain Admin privileges. After debugging samba we realised the admin user simply wasn't being recognised as a Domain Admin by samba.

It appears to be a problem with the private user group "admin" which is by default mapped as "Domain Admins" - adding other users to this unix group did not elevate them to Domain Admins either.

using net groupmap to remap Domain Admins to any other unix group works fine. The workaround I used was to simply create a new unix group (via the panel) called domadm and set the description to "Domain Admins" which causes SME to remap the group automagically. I then just added admin tot he group and all works as expected.

Has anyone else had this problem? Have there been any changes 7.0 - 7.1 which may have got overwritten by my restore?

[stephen noble]

>Has anyone else had this problem?

yes, there are a number of related bugs
could you please add your findings to one of them

[daytron]

Can you point me in the right direction? I thought I did a very thorough search before posting here. I didn't consider it a bug due to the backup/restore possibly wiping out something important.

[stephen noble]

i think you correct this is different from the bugs i was thinking of
it's a good solution, i just don't know if it's a problem
although if it's not a bug with sme it is with dar

if it's in the bug tracker as a new bug the info is more easily found by the people who can fix the code

thanks

[crusader]

Is there a solution without creating a new admin group?
Maybe some sort of Updating samba?