Bug 4344 - net rpc rights list should give group rights
net rpc rights list should give group rights
Status: RESOLVED WONTFIX
Product: Samba 3.0
Classification: Unclassified
Component: net utility
3.0.22
Other Windows XP
: P3 normal
: none
Assigned To: Jim McDonough
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-01-17 06:01 UTC by muzzol
Modified: 2007-01-17 06:54 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description muzzol 2007-01-17 06:01:47 UTC
domainadmins is mapped to "Domain Admins":

# net groupmap list
Domain Admins (S-1-5-21-3563243952-628324515-3062283235-512) -> domainadmins
Domain Users (S-1-5-21-3563243952-628324515-3062283235-513) -> domainusers
Domain Guests (S-1-5-21-3563243952-628324515-3062283235-514) -> domainguests

smbadmin belongs to domainadmins.
domainadmins have some privileges:

# net -U smbadmin rpc rights list domainadmins
Password:
SeRemoteShutdownPrivilege

but listing on smbadmin only shows privileges specifically set to smbadmin:

# net -U smbadmin rpc rights list smbadmin
Password:
SeDiskOperatorPrivilege


so, when listing users privileges this command should list also privileges of all groups he belongs, for example:

# net -U smbadmin rpc rights list smbadmin
Password:
SeDiskOperatorPrivilege
SeRemoteShutdownPrivilege (group domainadmins)
SeBackupPrivilege (group domainbackups)
Comment 1 Gerald (Jerry) Carter 2007-01-17 06:54:36 UTC
The command works as expected.  The rights are added to the 
user's token at login time.