On Thu, 2003-02-20 at 21:29, Ken Cross wrote: > Andrew: > > You've a valid point that the domain isn't checked (although it's > probably still correct for Enterprise Admins). > > The idea was to do it automatically. Adding Domain Admins to admin > users in smb.conf would have the correct results unless somebody forgets > to do it. This is especially true if the domain changes. Hence the > hack. > > Since we're trying to emulate a Windows environment, Windows admins > expect to have certain privileges. Is there a better way to do this > automatically?
Well, I assume your smb.conf file is automatically generated to some extent, so just extend that. (I assume you set 'workgroup' from some other interface, for example). However, NT admins do not have 'root' power over their system. That is reserved for 'System'. NT admins have their power due to ACLs and privileges. The privileges part is being worked on, but a more limited hack has been employed by other NAS vendors to give 'change ownership' permissions. The rest is up to what ACLs you set on your file system. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part