[samba] create account that can join machines but not admin access on domain

Gerald (Jerry) Carter jerry at samba.org
Mon Nov 29 15:06:15 GMT 2004

Hash: SHA1

Daniel Wilson wrote:
| MaTT wrote:
|> Hi Daniel... this is from the Samba Docs... will help
|>  One of my junior staff needs the ability to add machines to the
|> Domain, but I do not want to give him root access. How can we do this?
|> Users who are members of the Domain Admins group can add machines to
|> the Domain. This group is mapped to the UNIX group account called root
|> (or equivalent on wheel on some UNIX systems) that has a GID of 0.
|> This must be the primary GID of the account of the user who is a
|> member of the Windows Domain Admins account.

The docs are wrong here.  You have to have a uid of 0.  We're
working on fixing this limitation soon.  Hang in there.

cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the samba mailing list