[Samba] machine account with w2k
brian at krusic.com
Thu Sep 9 15:36:24 GMT 2004
> The Domain Admin user "domadmin" must have the root-policies on the
> /etc/passwd like this:
This is incorrect as you should never have users with identical uids.
You should mod the entry in etc/group to add your domadmin user to the root
group. This gives it root privs.
> In my opinion it is not fine, because it is a security-hole,
Only someone of root or admin privs should be able to initially join domains
for if any one could, then a potential hacker to do so w/o admin/root privs
and attain further domain trust by doing so.
More information about the samba