[samba] create account that can join machines but not admin access
on domain
Gerald (Jerry) Carter
jerry at samba.org
Mon Nov 29 15:06:15 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel Wilson wrote:
| MaTT wrote:
|
|> Hi Daniel... this is from the Samba Docs... will help
|>
|> One of my junior staff needs the ability to add machines to the
|> Domain, but I do not want to give him root access. How can we do this?
|>
|> Users who are members of the Domain Admins group can add machines to
|> the Domain. This group is mapped to the UNIX group account called root
|> (or equivalent on wheel on some UNIX systems) that has a GID of 0.
|> This must be the primary GID of the account of the user who is a
|> member of the Windows Domain Admins account.
The docs are wrong here. You have to have a uid of 0. We're
working on fixing this limitation soon. Hang in there.
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBqzrnIR7qMdg1EfYRAmPWAJ9wYm4xV6jqfgg0rBFS1gygUlx/XACfagv+
DlRPrCKAy9IFaVk4G7ABFh4=
=X8XF
-----END PGP SIGNATURE-----
More information about the samba
mailing list