Authenticating NT Shares against Samba PDC users/groups
Jim Morris
Jim at Morris.net
Tue Mar 20 15:12:34 GMT 2001
Hello Augis,
Tuesday, March 20, 2001, 2:47:46 AM, you wrote:
A> Why you had to create new user group? You could simply pull out the
A> names from Samba.
Well, I seem to have trouble doing just that. If I select a group from
the Samba server on the NT box, I end up with an error that the
"account doesn't exist" or something like that. That's not the exact
error I get on NT - but as I'm not onsite at the moment, I cannot
reproduce it right now.
A> After this, you should establish permitions to share like : [your
A> group]; SYSTEM; Domain Admins - Full Controll and permitions for
A> directory SYSTEM; Domain Admins - Full Controll
Well, I don't WANT any of these users to be domain administrators. I
want a group of users with just "normal" user-level priveledges in the
domain. I want that group ("accounting" for example) to be able to
use the share in R/W mode, and users that are NOT in that group to not
even connect to the share on the NT box.
A> I think this is because you ommited SYSTEM account you are not able to
A> see any files.
I guess I'm not clear on how I am supposed to assign the SYSTEM
account here.... Okay - I'm on a Windows 2000 box right now, and I
see "SYSTEM" in the list for adding access rights to a share or file.
So I put the group I want (NOT "Domain admins" hopefully) and SYSTEM
in the list, and that should take care of it?
I'll have the guys onsite try that and see what happens.
Thanks.
--
Best regards,
Jim Morris mailto:Jim at Morris.net
More information about the samba-ntdom
mailing list