Hi All, I added Linux machines to my AD domain (Windows 2000 native domain) and have the following problems / questions: 1 - How can I set the shell per user? (I know how to set per computer on the smb.conf "template shell = /bin/sh", I have few users that work on the same machine and use different shells) 2 - I noticed that if you logon as root, you can do SU to each user on the Active Directory, without providing password. How can block this or force to provide the user password? Thanks In Advanced! Nir B
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nir B wrote: | 1 - How can I set the shell per user? You can't currently unless the compat NSS service would allow you to override the shell for a given user. | 2 - I noticed that if you logon as root, you can do SU | to each user on the Active Directory, without | providing password. How can block this or force to | provide the user password? Fix the pam config for the su service. There's probably a pam_rootok.so entry if memory serves correctly. cheers, jerry ====================================================================Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCgM/yIR7qMdg1EfYRAgo1AKDR/WDODEdzVooBhFvO5jtbuK86mwCfRyED QuPDcATZCFnd5i9ATge6adQ=R6X7 -----END PGP SIGNATURE-----