[Samba] need of a user root in ldap ?
Markus Schabel
markus.schabel at tgm.ac.at
Tue Sep 16 14:42:13 GMT 2003
John H Terpstra wrote:
> On Tue, 16 Sep 2003, Antoine Jacoutot wrote:
>
>
>>Hi !
>>
>>Is there the need for a root account when using samba-3.0+ldap ?
>>I'm asking this because I cannot add XP workstations to the domain (I
>>made the registry changes), I get an "access denied". Under NT, there's
>>no problem, it does not even ask for a login/password as long as the
>>workstation account is created in samba. With XP, I use a user account
>>who is also part of the admins group, but as I said, I get an access denied.
>>Any idea ?
>
>
> Yes. The account you use to add machines has to have uid=0. ie: root.
Is this *really* needed if the machine accounts are stored in LDAP? For
writing /etc/passwd you need to be root, but for writing LDAP you
usually don't need to be root... You only need to have execute
permissions for the machine-add script...
As Andrew said, you have to be domain admin (that means ...-500 as SID),
but root??
regards Markus
More information about the samba
mailing list