System Policy Problems

Jamie ffolliott jmeff at
Tue Feb 2 19:11:40 GMT 1999

> On Tue, 2 Feb 1999, Luke Kenneth Casson Leighton wrote:

> > We also have "writable = yes" on our system so we can edit the
> >logon script
> > and default user profile from a desktop, but that shouldn't be
> >necessary.
> this is a security risk, you can have ordinary users creating scripts for
> other users (including, say administrator).  bad idea.  if you must do
> this, have "write users = xxxx" where xxxx is an admin.

unix permissions don't allow users to write to that directory, but I see
your point.

will add "write list = uuuu, @gggg" (uuuu = an admin, gggg = an admin group)
to the netlogon share - thanks.


More information about the samba-ntdom mailing list