[Samba] Domain Admins don't have enough privileges
Bostjan Müller
neonatus at gmail.com
Mon Dec 27 13:56:53 GMT 2004
Hi everyone,
I am trying to create a couple users (not root) who would be in Domain
Admins group, and would have the permissions to add machine to domain.
I can confirm that locally (I used sudo without password) as any of
the users of ntadm group, and each and everyone of them can add a user
to the passwd file.
They are also local admins on NT/200X/XP machines when they log in on
windows side, but neither of them can add a machine to domain via the
windows GUI.
The only user that can do that is the user root.
I have googled a lot, and all I could find was the user has to be
Domain Admin, and he has to have the unix rights to add the machine
account.
Can someone please explain to me what else has to be done for this to work?
THX in advance,
Bostjan
--
buhdej evridej
More information about the samba
mailing list