[Samba] Few questions on configuring Samba as a PDC
jstone1999 at gmail.com
Fri Sep 26 19:34:31 GMT 2008
I'm not sure about your response but I research it shortly.
In regards to John's response, I did change it slightly (I am trying to not
net groupmap add ntgroup="Domain Admins" unixgroup=domainadmins
net groupmap add ntgroup="Domain Users" unixgroup=domainusers
net groupmap add ntgroup="Domain Guests" unixgroup=nogroup
I have then added two people into the domainadmins group (which I created)
and 1 person into the domainusers group. The users on the domainadmins
group can connect to the domain (if I use the root user to add them which I
want to change) but they cannot save their profiles.
I belive this is due to the permissions on the folders:
rwxrwxr-x 2 root domainusers 4096 2008-09-25 12:43 netlogon
drwxrwxr-x 3 root domainusers 4096 2008-09-26 01:40 profiles
I could see how it would work if I kept things as they are as domain admins
would be in the root group and would have access to the folder but since I
am tryig to not use the root group I am at a loss how to set the permissions
on these folders.
I haven't been able to try the user that is in the domainusers group as that
use runs Kubuntu and I'm not sure how to add a Linux machine onto the
Thanks for both your responses! Again, the main goal is to setup a PDC with
roaming profiles without the use of the root account or root group.
On Fri, Sep 26, 2008 at 11:18 AM, David Markey <admin at dmarkey.com> wrote:
> net rpc rights grant <username> SeMachineAccountPrivilege
> On Fri, Sep 26, 2008 at 7:11 PM, John Drescher <drescherjm at gmail.com>wrote:
>> On Fri, Sep 26, 2008 at 1:59 PM, Jesse Stone <jstone1999 at gmail.com>
>> > Please don't flame me. I did attempt to search before posting this
>> > (through Gmail), if there's a better way, please let me know!
>> > I followed this article for implementing a Samba PDC:
>> > http://www.howtoforge.com/samba_setup_ubuntu_5.10_p4
>> > Question 1) The only accout that appears to be able to add an account
>> > the domain is the root account. There must be a way to change that to a
>> > standard account. I'm using Ubuntu and do not use the root account for
>> > anything.
>> > I've tried changing "root = Administrator" in /etc/samba/smbusers to
>> > "otheruser = Administrator" but that doesn't seem to do it.
>> Did you do this:
>> net groupmap modify ntgroup="Domain Admins" unixgroup=root
>> net groupmap modify ntgroup="Domain Users" unixgroup=users
>> net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup
>> And assign users to the Domain Admins group?
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba