Smb multi-sessions, samba3.0.2pre1
j.lu at tiesse.com
Wed Jan 21 11:04:26 GMT 2004
> On Wed, 2004-01-21 at 01:54, Jianliang Lu wrote:
> Using 'admin users' to get around the 'ldap as not root' issue is the
> wrong fix. The real thing we need to do is properly implement the
> required ACLs etc, so that we don't need such ugly hacks.
> Andrew Bartlett
The problem is that the smbldap-tools need the uid=0 to run. When I use
usrmgr to create a new user I'll get a access denied in run "add user
script"(smbldap-useradd.pl) if the user has not uid=0. If we deal with "add
scripts" using uid=0 may overcome this problem (only for ldap backend).
Another problem is for nested group. If a user would have privileges to
manager users (like create new user) it must be a member of builtin
group "Administrators" or "Account operators", but I don't know if a
globalgroup (like "Domain Admins") could be a member of such group to have
My question is: how can we do to have the users which have uid not 0 and have
the privileges to manage the user account using "User Manager for Domain"?
TieSse s.p.a. Ivrea (To) - Italy
j.lu at tiesse.com luj at libero.it
More information about the samba-technical