The Samba-Bugzilla – Bug 3233
usrmgr keeps user in domain admins group
Last modified: 2005-11-02 15:04:03 UTC
i have discovered following problem.
System suse 9.2 pdc samba 3.0.20b ldap.
a system user which was in the group Domain Admins ( as secondary group of
course ) , cannot be removed from the group, by usrmgr ( in real ldap the user
gets deleted ! )
If the user account gets deleted completly and recreated it is shown again in
the domain admins group.( which isnt so in ldap )
This seems to me as bug with usrmgr, which seem not to forget having a user in
Domain Admins Group. ( guessing about some caching? )
restarting smb nmb does not fix this.
There is no failure of function if i browse the delete and add accts with a ldap
the problem is linked to the david software specially to the david admin
david admin puts some reg key to the windows client which is used
to view the david services from the windows client on the smb server.
This is done via ssh, so here seems to be the problem when the user changes out
from the domain admins group, cause the ssh connect is still
done by the old ssh account, so there are two connects to the smb pdc ( smb, ssh
) with differnet accounts.
This seems to force usrmgr to show the user staying in the domain admins group ,
while this isnt true in ldap anymore.
After fixing the reg key to the right user account , showing of david services
in the david admin works again , and usrmgr shows the right
group entries again ( a reboot was done too ), so the failure went away.
I am not 100 % sure about this fix but the failure was solved.