[Samba] Security question
Hamish
captainmish at gmx.net
Mon Jun 7 15:30:36 GMT 2004
What is your PDC running?
Derek Harkness wrote:
> Thanks!
>
> In my environment we have a small department that manages servers and
> the network, but we leave end user support to each department. So I
> need away of allowing the IT person in each department to add
> workstations, without giving them rights to shares, users, or
> workstations in other departments. How are others handling this?
>
> Would it be sufficient to add the limited number of users to the
> Domain Administrators group and then delete the add and delete entries
> out of the smb.conf. I'm assuming that domain admins would no longer
> be able to do anything in the domain, and direct access the smb.conf
> would be required.
>
> Thanks so much,
> Derek
>
> On Jun 7, 2004, at 10:29 AM, Hamish wrote:
>
>> Not sure how you would do it with samba as PDC, but you can add a GPO
>> in > server2000 -
>> allow users to join domain - userlist (this is not the exact wording)
>> This will allow users to supply their own usernames etc for joining
>> If you are using a samba PDC i remember there are some tools for GPO
>> type stuff...
>> Sorry a bit vague but it might help :)
>>
>> Derek Harkness wrote:
>>
>>> I've been googling for a while now and haven't found a decent answer
>>> to this question.
>>>
>>> How do I allow users to join the domain without handing out a domain
>>> admin level account? Is there someway to limit what other domain
>>> features this account has access to?
>>>
>>> Thanks,
>>> Derek
>>
>>
>>
> "This world is a comedy to those who think and a tragedy to those who
> feel."
More information about the samba
mailing list