[Samba] domain admin
Alexander Goeres
agoeres at lieblinx.net
Wed Feb 18 18:17:32 GMT 2004
Am Mittwoch, 18. Februar 2004 18:28 schrieb garvald at bluemail.ch:
> i'm running samba-3.0.2 on a redhat 9 box with windows 2003. I've got a
> samba pdc up and running. I want a user to have domain admin privilidges.
> With samba 2.2.8a and windows 2000 this was easily accomplished with the
> following entry in [global]
>
> domain admin group = garvald
>
> this had the effect that garvald had full administrator rights upon logging
> into windows2000 through the samba pdc.
> This does not work with samba 3.0.2/windows2003
>
> this doesnt work either:
>
> [global]
> admin users = garvald
According to what I've understood, you can make a group the admin group and
you have to map this group to the nt group "domain admins"
Here's what my config looks like:
admin users = +root
the mapping was done with:
net groupmap add ntgroup="Domain Admins" unixgroup=root
And any admin user should be member of root and via pdbedit (in my case) also
a samba user.
>
> so, can someone tell me how i give a user full domain administrator
> priviledges through a samba 3.0.2 PDC on windows2003 ? i've been searching
> and trying for about 11 hours now...to no avail..
>
> thanks
> garvald
greetings
Alexander
--
Netzwerk- & Systemadministrator
-------------------------------------------
agoeres _at_ lieblinx.net
tel.: +49 (0)30 / 61 20 26 87
fax: +49 (0)30 / 61 20 26 89
-------------------------------------------
lieblinxNET
we do software
a Marwood & Thiele GbR
-------------------------------------------
reichenberger straße 125
10999 Berlin
http://lieblinx.net
-------------------------------------------
More information about the samba
mailing list