Hi All, Anybody could tell me why the user who is able to join a machine into the domain has to has uid=0. is it possible to has more administrators?
William E Jojo
2011-Jan-10 12:05 UTC
[Samba] why the domain administrator has to has uid 0?
Look at: net rpc rights grant username SeMachineAccountPrivilege This will add users to the account_policy.tdb file with join rights in that domain. When you upgrade or move to another machine, be sure to bring this file along. Be sure to read Chapter 15 in the Samba HOWTO-Collection for more information. Cheers, Bill ----- Original Message -----> From: "sisu ." <npillao at hotmail.com> > To: samba at lists.samba.org > Sent: Monday, January 10, 2011 6:50:11 AM > Subject: [Samba] why the domain administrator has to has uid 0? > Hi All, > > Anybody could tell me why the user who is able to join a machine into > the domain has to has uid=0. is it possible to has more > administrators? > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba
Bruce Richardson
2011-Jan-10 12:28 UTC
[Samba] why the domain administrator has to has uid 0?
On Mon, Jan 10, 2011 at 07:05:54AM -0500, William E Jojo wrote:> > Look at: > > net rpc rights grant username SeMachineAccountPrivilege > > This will add users to the account_policy.tdb file with join rights in that domain. When you upgrade or move to another machine, be sure to bring this file along.For those of us using an LDAP backend on our Samba domains, this is the kind of setting which should be stored in LDAP as well. Is there any support for that at the moment? -- Bruce I must admit that the existence of Disneyland (which I know is real) proves that we are not living in Judea in AD 50. -- Philip K. Dick
TAKAHASHI Motonobu
2011-Jan-10 12:58 UTC
[Samba] why the domain administrator has to has uid 0?
>> Hi All, >> >> Anybody could tell me why the user who is able to join a machine into >> the domain has to has uid=0. is it possible to has more >> administrators?2011/1/10 William E Jojo <w.jojo at hvcc.edu>:> Look at: > > net rpc rights grant username SeMachineAccountPrivilege > > This will add users to the account_policy.tdb file with join rights in that domain. When you upgrade or move to another machine, be sure to bring this file along.If you do not want to use user rights, ----- [ipc$] admin users = admin, admin2, ... ----- or simply ----- [global] admin users = admin, admin2, ... ----- should work. --- TAKAHASHI Motonobu <monyo at samba.gr.jp>
Christ Schlacta
2011-Jan-10 18:41 UTC
[Samba] why the domain administrator has to has uid 0?
On 1/10/2011 03:50, sisu . wrote:> Hi All, > > Anybody could tell me why the user who is able to join a machine into the domain has to has uid=0. is it possible to has more administrators? >you can add administrators to a group Administrators, and they can then add users to the domain