[Samba] What makes an account is DOMAIN ADMINISTRATOR?
Ryan Novosielski
novosirj at umdnj.edu
Sat Jul 26 16:40:44 GMT 2003
Has anyone successfully created a second UID 0 user and have it work? I
tried to do this, and I get errors that go something like "this is a
computer account, not a login account" or whatever that generic "something
went wrong" error message is during the domain join process.
Did you do anything special if you are someone that DOES have this
working?
---- _ _ _ _ ___ _ _ _
|Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin
|$&| |__| | | |__/ | \| _| | novosirj at umdnj.edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630
On Fri, 25 Jul 2003, Felipe Alfaro Solana wrote:
> On Fri, 2003-07-25 at 12:41, Beast wrote:
>
> > > The easiest way is to create an "Administrator" user in Samba and assign
> > > it a UID of 0. Then, when joining your Windows machine to the domain,
> > > use that "Administrator" user.
> >
> > Tks felipe,
> > But why it needs to be root (or uid=0), is it because it needs to open
> > /etc/samba/smbpasswd?
> > What if i'm using ldap, can I use ordinary user and bind as
> > ldapmanager?
> >
> > This is required for me because I will use ldap backend but I don't
> > want to create root account in ldap which if it's compromised, it can
> > do anything to *all* workstation.
<snip>
> To secure you "Administrator" Samba user, assign it a UID of 0, a
> different password from your "root" unix user, and specify "/dev/null"
> as the home directory and login shell.
>
> Isn't this curious? :-)
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list