"Greg Kuchyt" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > If the user 'root' is added to samba/ldap and assigned to the "Domain > Admins" domain group, then 'root' is allowed domain administrator access > as it should be. If you create a new user account, say 'blinky', and add > 'blinky' to the "Domain Admins" group, 'blinky' does not have full > Domain Admin access. For example, 'blinky' cannot use the "USRMGR.EXE" > administration tool, while root can without any problem. However, > 'blinky' CAN remove a machine from the domain, but not add. > -- > Greg >
It sounds as it has to do with the Linux privileges. Try this: When you create a Samba user, the equivalent account is created in the /etc/passwd file. Add the Linux user account to the Linux root group. This will give the user root previliges. Here is some info. from the Samba How To: There is no safe way to provide access on a UNIX/Linux system without providing root level privilege. Provision of root privileges can be done wither by logging onto the Domain as the user root, or by permitting particular users to use a UNIX account that is a member of the UNIX group that has a GID=0 as the primary group in the /etc/passwd database. Users of such accounts can use tools like the NT4 Domain User Manager, and the NT4 Domain Server Manager to manage user and group accounts as well as Domain Member server and client accounts. This level of privilege is also needed to manage share level ACLs. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
