I am running Samba4 4.1.11 on Slackware64 14.1, kernel 3.10.17. The host is configured as domain controller / Active Directory and for the most part works fine.
However, I would like domain users to be system administrators on their own workstations. It is quite a pain to log into their computers for simple things like updating installed software, or changing the workstation date/time. I really don't want to give out the domain administrator password!
In 'Active Directory Users and Computers' the user is a member of "Administrators":
Yet doing things like date/time setting, etc. prompts the user with the dialog "To continue, type an administrator password, and then click Yes."
When logged into this user's workstation as the Administrator and going to Control Panel > User Accounts > Manage User Accounts, the only user shown is the non-domain computer user (Domain 'holly' is the machine name).
What I would expect to see is User Name: hcarr, Domain: hprs.local, Group: Administrators. But of course, even the actual domain Administrator isn't listed here.
How can I accomplish this? Do I need to do something with a Group Policy? Add the user explicitly to the workstation with the hprs.local domain? There has to be a way to fix this.