Hi,

We have a Windows Domain and a few Linux boxes on which we have
installed Samba and set them up so people can log in using their
windows domain logins using winbind etc.

All is working fine EXCPECT for the group memberships.

I have a windows user who is a member of the "Domain Admins" group and
I want them to have root privilegdes on the UNIX box.

I added a group mapping using the command net groupmap add
ntgroup="Domain Admins" unixgroup=root type=d but that just added
another group called "Domain admins" which could be seen by running

[root@xxx ~]# net groupmap list | grep Domain Domain Users
(S-1-5-21-2057633969-1929386834-1244778803-513) -> -1 Domain Admins
(S-1-5-21-2057633969-1929386834-1244778803-1001) -> root Domain Admins
(S-1-5-21-2057633969-1929386834-1244778803-512) -> -1 Domain Guests
(S-1-5-21-2057633969-1929386834-1244778803-514) -> -1

so I tried
net groupmap set "Domain Admins" "root" -D which was better and gave
the output Domain Users (S-1-5-21-2057633969-1929386834-1244778803-513)
-> -1 Domain Admins (S-1-5-21-2057633969-1929386834-1244778803-512) ->
root Domain Guests (S-1-5-21-2057633969-1929386834-1244778803-514) ->
-1

But any users that are in the "Domain Admins" group do not get root
prviledges when logging into the unix box

Is what I am doing supported i.e. is that what group mappings are for?

Phil.