[Samba] Security question
dharknes at umd.umich.edu
Mon Jun 7 15:40:32 GMT 2004
Samba 2.2 currently but I will be upgrading it to Samba 3.
On Jun 7, 2004, at 11:30 AM, Hamish wrote:
> What is your PDC running?
> Derek Harkness wrote:
>> In my environment we have a small department that manages servers and
>> the network, but we leave end user support to each department. So I
>> need away of allowing the IT person in each department to add
>> workstations, without giving them rights to shares, users, or
>> workstations in other departments. How are others handling this?
>> Would it be sufficient to add the limited number of users to the
>> Domain Administrators group and then delete the add and delete
>> entries out of the smb.conf. I'm assuming that domain admins would
>> no longer be able to do anything in the domain, and direct access the
>> smb.conf would be required.
>> Thanks so much,
>> On Jun 7, 2004, at 10:29 AM, Hamish wrote:
>>> Not sure how you would do it with samba as PDC, but you can add a
>>> GPO in > server2000 -
>>> allow users to join domain - userlist (this is not the exact wording)
>>> This will allow users to supply their own usernames etc for joining
>>> If you are using a samba PDC i remember there are some tools for GPO
>>> type stuff...
>>> Sorry a bit vague but it might help :)
>>> Derek Harkness wrote:
>>>> I've been googling for a while now and haven't found a decent
>>>> answer to this question.
>>>> How do I allow users to join the domain without handing out a
>>>> domain admin level account? Is there someway to limit what other
>>>> domain features this account has access to?
>> "This world is a comedy to those who think and a tragedy to those who
"This world is a comedy to those who think and a tragedy to those who
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040607/215cfc94/PGP.bin
More information about the samba