[Samba] Non-root accounts cannot join the Samba PDC:s domain
Gerald (Jerry) Carter
jerry at samba.org
Sat Aug 26 01:17:52 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
BJörn Lindqvist wrote:
> Thank you, it works! With some caveats. I had
> to turn permissions on in samba.conf, then
> the net rpc rights grant syntax seem to be
> "unstable." This doesn't work:
>
> net rpc rights grant username SeMachineAccountPrivilege
You have to fully qualify names. That's not an unstable
syntax....
> Instead of username you are supposed to use
> some DOMAIN/username syntax I haven't figured out.
> Howerver, I was able to allow everyone
> to join the domain with:
>
> net rpc rights grant Everybody SeMachineAccountPrivilege
This is a security hole. I really would recommend
against this. It's about the same as 'guest account = root'.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE76FAIR7qMdg1EfYRAuFoAJ9/KxpGIlrqUBNxqgHJ9IW3AIjgmwCg07IN
/zX1KejGMTGcF+2aT/msYdU=
=x+zo
-----END PGP SIGNATURE-----
More information about the samba
mailing list