[Samba] XP user priviledges with Samba

Jim Durham jimd at nepinc.com
Thu Oct 3 17:14:01 GMT 2002


On Thursday 03 October 2002 11:39 am, Bradley W. Langhorst wrote:
> On Thu, 2002-10-03 at 11:31, Jim Durham wrote:
> > I've read the achives, but I'm not finding anything.
> >
> > On XP, I can give a local user admin priviledges on his/her
> > local machine when they are logged in to that machine
> > and not the domain.
> >
> > How do I do this when they are logged in to the domain,
> > with Samba as a PDC?
> >
> > Some programs need to create tmp files that they can not
> > if the the user does not have admin privs on his/her machine.
>
> in samba2 you need to add the domain user to the local admin group.  You
> can map a unix group to Domain Admins or Domain Users groups and add
> that group to the local admins but you can't have more granularity than
> than.
>
> if you don't mind adding the user to local admin on each machine that is
> probably the cleanest solution.
>
> samba3 can handle arbitrary group mapping
>

A couple of questions: 
  I'm having trouble understanding terminology regarding the "group"
  that you are referring to. Are you saying to create a new unix group
 called "admins" and add the user to it? Or is this the local admin group
 on the XP box?

  Would you recommend upgrading to samba 3? I've got another issue
  regarding BDC on a different subnet that doesn't seem to work properly
  with XP and I'm wondering if samba 3 would handle that better. The
  BDC gets its machine ID file and it's smbpasswd, etc/passwd, /etc/master.
 passwd and the password databases from the master, but occasionally
  you suddenly can't log in from the machines on the subnet where the
  BDC lives. I think it's when the network latency between the main
  site and the remote LAN is bad. Killing domain logons on the BDC fixes
  it. Perhaps that  is a reason to consider samba3?

Thanks,
Jim




More information about the samba mailing list