Hi everyone,
My Problem is the following:
Users in the Domain Admins group (512) seem not to authenticate at local windows machines with admin rights.
Distribution: CentOS
Kernel: 2.6.18-308.20.1.el5
Systeme: OpenLDAP slapd 2.3.43, Samba version 3.5.10-0.110.el5_8
# net groupmap list
Domain Admins (S-1-5-21-3285246029-973205485-3622274768-512) -> samba_domain_admins
Domain Users (S-1-5-21-3285246029-973205485-3622274768-513) -> samba_domain_users
Domain Guests (S-1-5-21-3285246029-973205485-3622274768-514) -> samba_domain_guests
Domain Computers (S-1-5-21-3285246029-973205485-3622274768-515) -> samba_domain_computers
Administrators (S-1-5-21-3285246029-973205485-3622274768-544) -> samba_administrator
Account Operators (S-1-5-21-3285246029-973205485-3622274768-548) -> samba_account_operators
Print Operators (S-1-5-21-3285246029-973205485-3622274768-550) -> samba_print_operators
Backup Operators (S-1-5-21-3285246029-973205485-3622274768-551) -> samba_backup_operators
Replicators (S-1-5-21-3285246029-973205485-3622274768-552) -> samba_replicators
Additionally here are some screenshots from our Apache Directory Browser with the user accounts backup and root and the group Domain Admins.
backup
root
samba_domain_admins
If you need further confuration, please ask me.
I would be really happy if we could solve this issue.