NTW 4.0 Workstation Admin Rights
James S.Seymour
jseymour at LinxNet.com
Sun Nov 12 16:05:14 GMT 2000
jseymour at linxnet.com (Jim Seymour) wrote:
> "Roman, James (J.D.)" <jroman6 at ford.com> wrote:
> >
> > As best as I can tell, 2.0.7 only provides you with one option for
> this type
> > of administration. If you set the
> >
> > domain admin group = @unixgroupname
> > (make sure you have the @ sign)
> >
> > This will allow everyone who logs in to the workstations to have
> local admin
> > rights. ...
> [remainder snipped]
> >
Just to close-up this thread (maybe), here's what I found works:
1. Logged on as the *workstation* Admin account, gave the user
workstation Admin rights.
2. Logged on to the NT Domain account as the user, gave the user's
*domain* account workstation Admin rights.
This gives the user, whether logged on under the workstation "domain"
or the NT Domain, workstation Admin rights. Thus, server-based scripts
that set time, setup routing, etc. will work. A down-side to this is
that you have to do it for each user on each workstation.
I suppose the other option might be to go the "domain admin group"
route, create an "administrator" user, and somehow get this stuff to
execute on boot as a service, or whatever. I've done things like that
before, but don't recall exactly how I accomplished it.
Anyway, method #1 worked for me. Of course, there are workstation
security implications.
Regards,
Jim
--
Jim Seymour | PGP Public Key available at:
jseymour at jimsun.LinxNet.com | http://www.cam.ac.uk.pgp.net/pgpnet/wwwkeys.html
http://jimsun.LinxNet.com | http://www.trustcenter.de/cgi-bin/SearchCert.cgi
More information about the samba-ntdom
mailing list