-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Adam Tauno Williams wrote:
| Both NT4 and AD have special ways to create a basic
| domain user, then add the specific permission to join
| workstations to the domain. Can your creativity
| provide that type of an implementation for Samba?
|
| Isn't
Gerald (Jerry) Carter wrote:
I posted an experimental patch last week that allows domains admins
(defined by the group mapping) to join machines to the domain.
Hi Jerry-
Um, OK I'll be the security bigot since you are spending time in this code
right now.
I see a utility ID being created by the
Both NT4 and AD have special ways to create a basic domain user, then add the
specific permission to join workstations to the domain. Can your creativity
provide that type of an implementation for Samba?
Isn't this privilages? You can muck about with them a bit with rpcclient but
they don't
At least with Samba 3 you can specify an account or group allowed to be root
within Samba's mind. For example...
[global]
## NT Domain Related ##
admin users = @domadmin
Sets the Linux domadmin group as allowed to join boxes to the domain.
Do not set root as an invalid user as