BACQUEZ escreveu:
>From : Edmundo Valle Neto
The point is, %anything is not recognised inside a script.
But, yes, adduser is a little different in Debian, it doesnt have "-M"
option, for example.
If you look at "Samba by Example" you will find something like that:
add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null '%u'
"add machine script = /usr/sbin/useradd -s /bin/false/ -d /dev/null '%m'"
Work. But one thing : you must put this line in the first line of [global],
or the script will be done after the domain's enter try.
Thank you.
The order of the lines inside a section doesnt make difference.
And read that about %m:
http://lists.samba.org/archive/samba/2005-November/114366.html
Again, the history of the list is very usefull, and you should expect
correct information when you see something posted by any developer :)
This is the only work that must be done by the add machine script here,
the samba account will be created when the client is joined (with the
root account or any other account that have privileges to do that).
This is used to configure accounts other that root to join clients, for
example.
I will try this line today.
I dont understood what do you mean by "your share", but...
Share = domain.. sorry i twas a mistake.
If you dont
want to enter with a local administrator account to manage network
settings and domain join/unjoin, you can put the users inside the group
"Domain Administrators" that this group will be added to the local
administrators group of the machine when joined, well, it depends of how
did you created your default groups and SIDs. Or create a group in samba
put some users inside it an make this group belong to the local
administrator group in every machine, then the domain accounts will have
local administrative right in those workstations. Simple.
If i understand what you say, I have to create a group who I put the users.
But how can i attribute the local administrator for this group?
When you join a workstation in a domain you will must have a local
administrator account on that machine as the machine doesnt know of
domain accounts. About the group, you will not attribute anything, a
group (normally called Domain Administrators) with the right SID (that
is one of the "well known domain groups") is inserted automatically in
the "Administrators" group locally on the machine when joined into the
domain, or you can make it by hand with any group you want (putting that
group inside the "Administrators" group of the machine).
Edmundo Valle Neto
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
