[Samba] Method for joining machines to PDC without using root

[Markus Schabel]

Alan Woodland wrote:
> Markus Schabel wrote:
> 
>> ___cliff rayman___ wrote:
>>
>>> currently, in order to join a win XP machine to a samba PDC, you
>>> have to use the root account (although you can use an smbpasswd
>>> and not the linux password).  is there any way to set up another
>>> account to do this one particular task (one without uid=0)?.
>>> if we have users in remote places, i do not want to have to go over
>>> to their work station just to log them on the the domain.  alsoi 
>>> don't want to
>>> give them a login and password that could compromise the system
>>> the samba is running on (linux).
>>
>>
>>
>> AFAICT it works with a non-root user if you use LDAP instead of
>> smbpasswd.
>>
>> <snip/>
>>
> 
> Im currently doing that with the new samba from cvs using smbgroupedit, 
> but it is possible with older sambas using (IIRC) domain admin group = 
> @groupname and having the users you want to be able to add machines to 
> the domain in that group. It does however make the user super user 
> equivilent when logged in through samba that way, but not super user on 
> the actual unix boxes.
> 
> Alan


I'm doing it with samba 2.2.7a. But I'd like something like "add 
computer group = valid-user", so that everybody with a user-account can
add his workstation to the domain (if the workstation's ip is logged as
active by the dhcp).

Probably it's possible to add computer-accounts via dhcp-log's (but I
think the problem here is that the DHCP-hostname could be different from
the NetBIOS-name.


-- 
Markus Schabel
+--------------------------------------------+
| TGM - Die Schule der Technik               |
| IT-Service                                 |
| A-1200 Wien, Wexstrasse 19-23              |
| Tel.: +43(1)33126/316 Fax: +43(1)33126/154 |
| eMail: markus.schabel at tgm.ac.at            |
+--------------------------------------------+