[Samba] understanding users mapping
fdelval at rojatex.com
fdelval at rojatex.com
Thu Feb 3 04:27:05 MST 2011
Hello all,
Im Fran, and im from Spain.
Im currently using an english book to setup my samba server, and im having
problems understanding it.
I explain my problem.
I dont want to use root to join clients to the domain; i prefer creating a
plain user.
Ok, so, the steps i follow are:
net groupmap add unixgroup=srvadmins ntgroup="Server Admins"
net groupmap add ntgroup="Domain Admins" unixgroup=dmnadmins rid=512 type=d
net rpc rights grant 'ORA\Server Admins' seMachineAccountPrivilege
Now, users: "root", "dmnadmin"(from dmnadmins group) and "srvadmin" (from
srvadmins group) can add machines to domain.
So i wonder, why srvadmins group is needed to be granted privileges?
I tryed to lower dmnadmins privileges by revoking
semachineaccountprivilege privilege, but didnt worked, and it user managed
to add a machine to the domain correctly.
Ok, so, is this really usefull? why do i need 3 kind of users to be able
to join to the domain?
should i really stick to using root to join clients?
thank you
--
Fran Del Val
Dpto de informática.
Rojatex S.L.
More information about the samba
mailing list