[Samba] Samba3 Limitations?
Carlos Eduardo Pedroza Santiviago
carlos at pti.org.br
Fri Mar 18 14:29:39 GMT 2005
Hi,
Gerald (Jerry) Carter (jerry at samba.org) escrito:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Carlos Eduardo Pedroza Santiviago wrote:
>
> | - User Rights and Privileges: This is kinda new in latest
> | Samba release, 3.0.11, but doesn't implement yet
> | all NT4 funcionalities. Specifically here, they use the privileges
> | called "Log on as a service" and "Logon as a batch
> | job", and the others, too. I am not a NT4 master, but AFAIK,
> | this can be changed to local policies (in windows machines,
> | 2003 atm) insted of using the Domain ones. Am i right?
>
> Windows privileges are local to the machine on which they are assigned.
> The privlieges assigned on the Samba host have no relation to
> privileged on the local clients.
Yeah, but through "User Manager->Policies->User Rights". Aren't that rights
supposed to work with all domain computers?
>
> | - Local groups: AFAIK, NT4 Admins used them to ease the
> | administration of permissions ACLs, but how implement it
> | using Samba3+OpenLDAP? Or the only way is to change all
> | the local groups to domain groups and redo the acl stuff?
> | (the ntadmins will cry)
>
> Local groups on domain members ? or domain local groups on
> the DC's. I'm not sure exactly what you are asking for here.
> You can have domain local groups using the group mapping
> functionality, but IIRC domain local groups (in nt4) are only
> available between DC's.
Domain local groups, which could be created using User Manager? ("User->New
local group"). So samba implements that via group mapping (idmap with ldap
backend?)?
Thanks!
--
Carlos Eduardo Pedroza Santiviago - <carlos _AT_ pti.org.br>
Tel: 0xx45 5206359/6608 Visite: http://www.psl-trinacional.org
More information about the samba
mailing list