[Samba] Administering a Linux domain member in a NT domain,
as a "Domain Admin"
Kevin Weslowski
kweslowski at mcnairbd.com
Fri Apr 30 17:15:08 GMT 2004
Hello,
After following the winbind-related steps in the SAMBA 3 howto, I was
able to achieve console logins on the Linux workstation by any domain
user; Great!
Now, I've come to the issue of expecting that a "Domain Admin" should be
able to administer the Linux workstation much like a "Domain Admin"
administers a Windows workstation on a domain. I've seen several
examples where the domain admin users are added to the "root" group for
the Linux workstation; the problem is, that most files/commands on the
(Fedora) Linux workstation are, by default, "usable" only by the root
user and not by the root group; i.e.
/etc/passwd has file permissions: -rw-r--r--
Therefore, the root user can write to it but the root group can't;
One thing I thought of was to run a script that updates the system so
that all files owned by root are changed so that the root group has the
same permissions as the root user for that file...but I don't think
that's a good solution because I'll probably have to run that script
every time I install something new.
Has anyone got suggestions/ideas/comments?
Kevin
More information about the samba
mailing list