[Samba] prevent "delete user script" to delete special Samba user
Gerald (Jerry) Carter
jerry at samba.org
Thu Jan 4 13:07:16 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Niels Peuyn wrote:
> Hello,
>
> OS: FreeBSD 6.1
> Samba: 3.0.23c
>
> What kind of exit code do the "delete user script" need, to
> prevent Samba from deleting a user in tdbsam database?
>
> I'm testing Windows "User Manager for Domain" (usrmgr.exe) and
> I'm trying to convince Samba to NOT delete special users like
> "administrator" etc.
>
> Whenever I delete such a user within User Manager for Domain
> the unix user is still in passwd, but the Samba user has been
> deleted.
The delete user script only manages the Unix account. The
passdb entry permissions are handled by the SeAddUsersPrivilege
(or connecting as root). There is no current per user security
descriptor that would give the kind of control you want without
modifying the source.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFnPwEIR7qMdg1EfYRAsicAJ9kBXChm/SyT1xd7Xp+3FzkEZZRdACgniwq
Ok5P7VmOaYoGvMTDPBV0Mxw=
=6uNV
-----END PGP SIGNATURE-----
More information about the samba
mailing list