I’ve followed numerous instructions to map my ad group to my local group, but I don’t see anything doing what I need.
In short, I want the “Domain Admins” AD group to be in the wheel group so I’ve run
# net groupmap add ntgroup="Domain Admins" unixgroup=wheel rid=512 type=d
but I don’t see any changes in /etc/group (not certain if I’m supposed to). Nor does anyone who logs in w/ a domain admin account have rights that an account in the wheel group does.
wbinfo -u gives me a list of users in my domain, in domain\username format
wbingo -g gives me a list of groups in my domain in domain\group format
I connected to AD using the yast/Windows Domain Membership service, and checked the three boxes when it was asked.
Do I need to adjust anything in my /etc/pam.d/login file? I tried adding
auth sufficient pam_winbind.so and
password sufficient pam_winbind.so, but that didn’t help either. I’ve also added %domain\ admins ALL = ALL to visudo, no change.
I’m using Samba 3.6.3-0.33.35.1-3062
Thanks for any help you can provide