mknissmbpwdtbl.sh
Benny Holmgren
bigfoot at astrakan.hgs.se
Fri May 15 15:06:15 GMT 1998
On Fri, 15 May 1998, Luke Kenneth Casson Leighton wrote:
> this look any good? totally clooless!
>
> nistbladm \
> -D access=og=rmcd,nw= -c \
the -D parameter specifies the default permission for the fields in this
table.
> -s : smbpasswd_tbl \
> name=S,nogw=r \
S means the field is searchable and nogw=w sets the permissions so that
everyone can read the column but nothing else. The default values are
overridden since the = operator is used.
> uid=S,nogw=r \
> user_rid=S,nogw=r \
> smb_grpid=,nw+r \
nw+r adds read permission for nobody & world to the defalt values. The
result will be owner=rmcd, group=rmcd, world=r, nobody=r
(rmcd means r=read, m=modify, c=create, d=delete)
the difference between nobody and world is that the principals with valid
credentials in NIS+ (ie, valid Secure RPC keys) is in the world group
while not even having valid credentials makes you a nobody.
> group_rid=,nw+r \
> acb=,nw+r \
> \
> lmpwd=C,nw=,g=r,o=rm \
> ntpwd=C,nw=,g=r,o=rm \
C tells that this is an encrypted field. nw= sets the persmission for
nobody and world to nothing, read permission for the group and read/modify
for the owner.
> \
> logon_t=,nw+r \
> logoff_t=,nw+r \
> kick_t=,nw+r \
> pwdlset_t=,nw+r \
> pwdlchg_t=,nw+r \
> pwdmchg_t=,nw+r \
> \
> full_name=,nw+r \
> home_dir=,nw+r \
> dir_drive=,nw+r \
> logon_script=,nw+r \
> profile_path=,nw+r \
> acct_desc=,nw+r \
> workstations=,nw+r \
> \
> hours=,nw+r \
> smbpasswd.org_dir.`nisdefaults -d`
>
> nisgrpadm -c smb.`nisdefaults -d`
>
> nischgrp smb.`nisdefaults -d` smbpasswd.org_dir.`nisdefaults -d`
>
Hope this helps
Cheers,
--
Benny Holmgren bigfoot at astrakan.hgs.se
Astrakan Computer Club tel. +46-(0)26-183573
Sweden "It's not about length, it's shoesize"
More information about the samba-technical
mailing list