[Samba] Enforcing local profile doesn't let Home Directory mapping
Michael Heydon
michaelh at jaswin.com.au
Wed Aug 19 00:50:30 MDT 2009
Avinash Rao wrote:
> Also, is there a way i can control the file permission on the clients
> local harddrive from samba. For example, If a user A logs in to the
> samba domain, he will not have any access to the local hard drive, can
> we give permission from the samba, probably make that domain user a
> part of power users on the client machine.
>
Not directly, I use cpau in the login scripts to escalate to a domain
admin and as that user run a script which does things like add certain
domain groups to the local admins group. Just remember group membership
is worked out before the login scripts are run, so the user will have to
log out and back in for any changes to take affect.
It is a security risk (cpau doesn't encrypt the credentials, it uses
some secret encoding) so it isn't suitable for everyone, but it works
well for us.
*Michael Heydon - IT Administrator *
michaelh at jaswin.com.au <mailto:michaelh at jaswin.com.au>
More information about the samba
mailing list