[Samba] Administrator rights in Samba3?
geza at kzsdabas.sulinet.hu
Fri Oct 10 14:58:58 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Eivind Trondsen írta:
| Dear list
| What exactly does it take to give a user administrator rights in Samba3?
| I have a user who is in the Domain Admin group (which is mapped to a
| unix group) and who is also Domain Administrator (by having the last
| of the SID set to 500.
| He is still not allowed to add computers to the domain.
| What am I doing wrong?
As I know, because of the security of UNIX systems only users with
uid=0, typicaly called root are allowed to manipulate user accounts.
Because machine accounts also require a passwd (or LDAP corespondent)
entry, SAMBA follows this policy, so the only users alowed to ad
machines are those with uid=0, so you will need to have root in
smbpasswd or equivalent.
Another issue group SID must end in
512 to be Domain Admins in eyes of Windows!
513 to be Domain Users in eyes of Windows!
514 to be Domain Guests in eyes of Windows!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba