moving from NT-Server to Samba
Paul J Collins
pjdc at eircom.net
Tue Jul 18 17:27:33 GMT 2000
>>>>> "Peter" == Peter Samuelson <peter at cadcamlab.org> writes:
Peter> I'm betting this is a consequence of profile permissions.
Peter> You see, user profiles actually store account permissions
Peter> (of who is allowed to use the profile) *inside* the file,
Peter> rather than just relying on the file permissions. Not only
Peter> that, but they store this info using the user SID, not the
Peter> username, so when you switch to a different domain (the
Peter> Samba domain), you get different users.
Er, not quite. A profile is a tree of files & directories (whose
ownership and permissions are significant); one of these files is
NTUSER.DAT. That file is a registry hive, and the ACLs on the keys in
it of course refer to the owner's SID. You can work on Registry ACLs
using REGEDT32; you have to mount the hives on some existing part of
the Registry in order to work on them.
However, your suggestion sounds like a lot less hassle.
Paul.
--
Paul Collins <pjdc at eircom.net> - - - - - - - [ A&P,a&f ]
GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD
PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C
"Where? Where is the town? Now it's nothing but flowers!"
More information about the samba-ntdom
mailing list