[Samba] XP user priviledges with Samba
Jim Durham
jimd at nepinc.com
Thu Oct 3 17:14:01 GMT 2002
On Thursday 03 October 2002 11:39 am, Bradley W. Langhorst wrote:
> On Thu, 2002-10-03 at 11:31, Jim Durham wrote:
> > I've read the achives, but I'm not finding anything.
> >
> > On XP, I can give a local user admin priviledges on his/her
> > local machine when they are logged in to that machine
> > and not the domain.
> >
> > How do I do this when they are logged in to the domain,
> > with Samba as a PDC?
> >
> > Some programs need to create tmp files that they can not
> > if the the user does not have admin privs on his/her machine.
>
> in samba2 you need to add the domain user to the local admin group. You
> can map a unix group to Domain Admins or Domain Users groups and add
> that group to the local admins but you can't have more granularity than
> than.
>
> if you don't mind adding the user to local admin on each machine that is
> probably the cleanest solution.
>
> samba3 can handle arbitrary group mapping
>
A couple of questions:
I'm having trouble understanding terminology regarding the "group"
that you are referring to. Are you saying to create a new unix group
called "admins" and add the user to it? Or is this the local admin group
on the XP box?
Would you recommend upgrading to samba 3? I've got another issue
regarding BDC on a different subnet that doesn't seem to work properly
with XP and I'm wondering if samba 3 would handle that better. The
BDC gets its machine ID file and it's smbpasswd, etc/passwd, /etc/master.
passwd and the password databases from the master, but occasionally
you suddenly can't log in from the machines on the subnet where the
BDC lives. I think it's when the network latency between the main
site and the remote LAN is bad. Killing domain logons on the BDC fixes
it. Perhaps that is a reason to consider samba3?
Thanks,
Jim
More information about the samba
mailing list