[Samba] Re: Cannot get DOMAIN ADMINS to work

Michael Lueck mlueck at lueckdatasystems.com
Fri Dec 10 14:35:06 GMT 2004


Heinrich Rebehn wrote:

The last handled first...

> PS: winbindd is not running. Do i need it?

As far as I can tell, this is to have Linux logins utilize the Samba security back end vs the Linux security. Some shops are forced to have AD as their master master master security... thus Unix/Linux 
boxes must look to that for authentication... thus winbindd.

Security... I'd suggest reviewing my KLUG presentation on Samba 3 PDC setup. It was developed for Win2K but WinXP is not that far off. I'd also suggest getting the M$ ifmember.exe tool and issue it 
with the /list option to better understand what is going on at the workstation side. It helped me debug security oddities.

ftp://ftp.lueckdatasystems.com/pub/presentations/klugsamba3pdc-bookreview.pdf

I specifically did NOT want domain admins to always be workstations admins, thus I break those ties. Your choice on how to handle that point.

-- 
Michael Lueck
Lueck Data Systems

Remove the upper case letters NOSPAM to contact me directly.



More information about the samba mailing list