[Samba] Samba3 Limitations?

Carlos Eduardo Pedroza Santiviago carlos at pti.org.br
Fri Mar 18 14:29:39 GMT 2005


Gerald (Jerry) Carter (jerry at samba.org) escrito:
> Hash: SHA1
> Carlos Eduardo Pedroza Santiviago wrote:
> | - User Rights and Privileges: This is kinda new in latest
> | Samba release, 3.0.11, but doesn't implement yet
> | all NT4 funcionalities. Specifically here, they use the privileges
> | called "Log on as a service" and "Logon as a batch
> | job", and the others, too. I am not a NT4 master, but AFAIK,
> | this can be changed to local policies (in windows machines,
> | 2003 atm) insted of using the Domain ones. Am i right?
> Windows privileges are local to the machine on which they are assigned.
> The privlieges assigned on the Samba host have no relation to
> privileged on the local clients.

Yeah, but through "User Manager->Policies->User Rights". Aren't that rights
supposed to work with all domain computers?

> | - Local groups: AFAIK, NT4 Admins used them to ease the
> | administration of permissions ACLs, but how implement it
> | using Samba3+OpenLDAP? Or the only way is to change all
> | the local groups to domain groups and redo the acl stuff?
> | (the ntadmins will cry)
> Local groups on domain members ?  or domain local groups on
> the DC's.  I'm not sure exactly what you are asking for here.
> You can have domain local groups using the group mapping
> functionality, but IIRC domain local groups (in nt4) are only
> available between DC's.

Domain local groups, which could be created using User Manager? ("User->New
local group"). So samba implements that via group mapping (idmap with ldap


Carlos Eduardo Pedroza Santiviago - <carlos _AT_ pti.org.br>
Tel: 0xx45 5206359/6608 Visite: http://www.psl-trinacional.org

More information about the samba mailing list