On 07/12/15 16:51, Ole Traupe wrote:>
>>> drwxrwxr-x 2 root domain admins
>>> does not work an a member server without the user mapping or a bit
>>> different rights.
>>> So set Adminstrator:"domain admins" on this folder OR use
the user
>>> mapping.
>>
>> This would mean that you would have to give Administrator a
>> uidNumber, breaking the link between 'root' and
'Administrator'. Not
>> saying this is a bad idea, just that you should be aware of it.
>>
>> Rowland
>
> Just reading this accidentally and finding out that "id
Administrator"
> gives "id: Administrator: No such user" on all my machines,
including
> DCs, and member servers where I explicitly mapped Administrator to
> root. Looking into ADUC, it turns out that Administrator has a uid:
> "0". Does that mean that I did this at some point (can't
remember it).
> Any bad consequences, if I take NIS settings back for Administrator?
>
> Ole
>
>
There are two ways of mapping Administrator:
A) user a 'username map' line in smb.conf on a domain member, this will
point to a file similar to this:
!root = SAMDOM\Administrator SAMDOM\administrator
This will map the windows 'Administrator' to the Unix user
'root'
and you will be able to alter ACLs on Samba Unix
shares from windows.
B) Give Administrator a uidNumber, This would then make Administrator a
normal Unix user, so you would have to ensure that s/he had the required
permissions to change ACLs on a Samba Unix share from windows.
You pays your money and make your own choice which to use.
You can, at any time, remove anything that you have done to
Administrator and go back to Standard.
Rowland