--- Dwn/samba-4.1.16/source3/rpcclient/cmd_samr.c	2015-01-26 15:11:16.439897554 +0100
+++ Dvp/samba-4.1.16/source3/rpcclient/cmd_samr.c	2015-01-26 15:08:32.584944064 +0100
@@ -1910,6 +1910,111 @@
 	return status;
 }
 
+static NTSTATUS cmd_samr_add_group_member(struct rpc_pipe_client *cli,
+                                          TALLOC_CTX *mem_ctx,
+                                          int argc, const char **argv)
+{
+	struct policy_handle connect_pol, domain_pol, group_pol;
+	struct dcerpc_binding_handle *b = cli->binding_handle;
+	struct lsa_String memb_name; 
+	uint32 grp_rid;
+	struct samr_Ids user_rid, name_types;
+	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+	NTSTATUS status, result;
+
+	if (argc != 3 ) {
+		printf("Usage: %s rid membername\n", argv[0]);
+		return NT_STATUS_OK;
+	}	
+	
+	sscanf(argv[1], "%i", &grp_rid);
+	init_lsa_String(&memb_name, argv[2]);
+
+	/* Get sam policy handle */
+
+	status = rpccli_try_samr_connects(cli, mem_ctx,
+					  MAXIMUM_ALLOWED_ACCESS,
+					  &connect_pol);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
+
+	/* Get domain policy handle */
+
+	status = dcerpc_samr_OpenDomain(b, mem_ctx,
+					&connect_pol,
+					access_mask,
+					&domain_sid,
+					&domain_pol,
+					&result);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
+	if (!NT_STATUS_IS_OK(result)) {
+		status = result;
+		goto done;
+	}
+
+	/* Get Group handle */	
+	status = dcerpc_samr_OpenGroup(b, mem_ctx,
+					&domain_pol,
+					access_mask,
+					grp_rid,
+					&group_pol,
+					&result);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
+	if (!NT_STATUS_IS_OK(result)) {
+		status = result;
+		goto done;
+	}
+
+	/* Get User rid */
+	status = dcerpc_samr_LookupNames(b, mem_ctx, 
+					&domain_pol,
+					1,
+					&memb_name,
+					&user_rid,
+					&name_types,
+				   &result);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
+	if (!NT_STATUS_IS_OK(result)) {
+		status = result;
+		goto done;
+	}
+	if (user_rid.count != 1) {
+		status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+		goto done;
+	}
+	if (name_types.count != 1) {
+		status = NT_STATUS_INVALID_NETWORK_RESPONSE;
+		goto done;
+	}
+	
+	/* Add a group member */
+	status = dcerpc_samr_AddGroupMember(b, mem_ctx,
+					&group_pol,
+					user_rid.ids[0],	
+					SE_GROUP_MANDATORY | SE_GROUP_MANDATORY | SE_GROUP_MANDATORY,
+					&result);
+	
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
+	if (!NT_STATUS_IS_OK(result)) {
+		status = result;
+		goto done;
+	}
+
+	done:
+		return status;
+}
+
+
 /* Create domain group */
 
 static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli,
@@ -3091,7 +3196,7 @@
 		ZERO_STRUCT(info.info21);
 
 		info.info21.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
-					     SAMR_FIELD_LM_PASSWORD_PRESENT;
+					     SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_ACCT_FLAGS;
 		if (argc >= 5) {
 			info.info21.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
 			info.info21.password_expired = password_expired;
@@ -3104,6 +3209,7 @@
 		info.info21.nt_password_set = true;
 		info.info21.nt_owf_password.length = 16;
 		info.info21.nt_owf_password.size = 16;
+		info.info21.acct_flags = ACB_NORMAL;
 
 		{
 			DATA_BLOB in,out;
@@ -3127,12 +3233,12 @@
 		ZERO_STRUCT(info.info23);
 
 		info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
-						  SAMR_FIELD_LM_PASSWORD_PRESENT;
+						  SAMR_FIELD_LM_PASSWORD_PRESENT | SAMR_FIELD_ACCT_FLAGS;
 		if (argc >= 5) {
 			info.info23.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
 			info.info23.info.password_expired = password_expired;
 		}
-
+		info.info23.info.acct_flags = ACB_NORMAL;
 		info.info23.password = pwd_buf;
 
 		break;
@@ -3145,12 +3251,13 @@
 		ZERO_STRUCT(info.info25);
 
 		info.info25.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
-						  SAMR_FIELD_LM_PASSWORD_PRESENT;
+						  SAMR_FIELD_LM_PASSWORD_PRESENT |  SAMR_FIELD_ACCT_FLAGS;
 		if (argc >= 5) {
 			info.info25.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
 			info.info25.info.password_expired = password_expired;
 		}
 
+		info.info25.info.acct_flags = ACB_NORMAL;
 		info.info25.password = pwd_buf_ex;
 
 		break;
@@ -3391,6 +3498,7 @@
 	{ "createdomuser",      RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_user,       NULL, &ndr_table_samr, NULL,	"Create domain user",      "" },
 	{ "createdomgroup",     RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_group,      NULL, &ndr_table_samr, NULL,	"Create domain group",     "" },
 	{ "createdomalias",     RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_alias,      NULL, &ndr_table_samr, NULL,	"Create domain alias",     "" },
+	{ "addgroupmember",       RPC_RTYPE_NTSTATUS, cmd_samr_add_group_member,    NULL, &ndr_table_samr, NULL,	"Add a member in group",     "" },
 	{ "samlookupnames",     RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names,          NULL, &ndr_table_samr, NULL,	"Look up names",           "" },
 	{ "samlookuprids",      RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids,           NULL, &ndr_table_samr, NULL,	"Look up names",           "" },
 	{ "deletedomgroup",     RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_group,      NULL, &ndr_table_samr, NULL,	"Delete domain group",     "" },