[Samba] need of a user root in ldap ?

John H Terpstra jht at samba.org
Tue Sep 16 14:45:01 GMT 2003

On Tue, 16 Sep 2003, Markus Schabel wrote:

> John H Terpstra wrote:
> > On Tue, 16 Sep 2003, Antoine Jacoutot wrote:
> >
> >
> >>Hi !
> >>
> >>Is there the need for a root account when using samba-3.0+ldap ?
> >>I'm asking this because I cannot add XP workstations to the domain (I
> >>made the registry changes), I get an "access denied". Under NT, there's
> >>no problem, it does not even ask for a login/password as long as the
> >>workstation account is created in samba. With XP, I use a user account
> >>who is also part of the admins group, but as I said, I get an access denied.
> >>Any idea ?
> >
> >
> > Yes. The account you use to add machines has to have uid=0. ie: root.
> Is this *really* needed if the machine accounts are stored in LDAP? For
> writing /etc/passwd you need to be root, but for writing LDAP you
> usually don't need to be root... You only need to have execute
> permissions for the machine-add script...
> As Andrew said, you have to be domain admin (that means ...-500 as SID),
> but root??

As Andrew says, "Try it, why ask?" Let us know ow it goes.

- John T.
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list