Displaying 19 results from an estimated 19 matches for "unixadmins".
Did you mean:
unixadmin
2015 Oct 29
3
Local Administrators (group) and delegation in AD
...ld be grateful if you could share your thoughts.
>>
>> /Davor
>>
>
> How about this:
>
> ssh into the DC, either as root or as a user that can use sudo (you
> can use kerberos, but I am not going into that here)
>
> Create the group:
> samba-tool group add unixadmins --gid-number=GID_NUMBER
> --nis-domain=NIS_DOMAIN
>
> Add the group to Administrators:
> samba-tool group addmembers Administrators unixadmins
>
> Add the required users to unixadmins, they should get the same rights
> as if they were directly members of Administrators.
>...
2008 Apr 23
1
nested groups not working with sudo and winbind
Howdy folks,
I'm having an issue with sudo not recognizing nested groups
via AD and winbind. I have an AD group called UnixAdmins and
when I ad and AD account *directly* into this group, I am able
to use sudo just fine as it is in the sudoers. *but* say I
have a nested group in UnixAdmins like CustomerUsers or whatnot
it won't recognize. Now, I also restrict access via pam.d systems-auth
to UnixAdmins, so I know that part...
2015 Oct 29
2
Local Administrators (group) and delegation in AD
...gt;>>>
>>>>
>>> How about this:
>>>
>>> ssh into the DC, either as root or as a user that can use sudo (you can
>>> use kerberos, but I am not going into that here)
>>>
>>> Create the group:
>>> samba-tool group add unixadmins --gid-number=GID_NUMBER
>>> --nis-domain=NIS_DOMAIN
>>>
>>> Add the group to Administrators:
>>> samba-tool group addmembers Administrators unixadmins
>>>
>>> Add the required users to unixadmins, they should get the same rights as
>>>...
2015 Oct 29
0
Local Administrators (group) and delegation in AD
....
>>>
>>> /Davor
>>>
>>>
>> How about this:
>>
>> ssh into the DC, either as root or as a user that can use sudo (you can
>> use kerberos, but I am not going into that here)
>>
>> Create the group:
>> samba-tool group add unixadmins --gid-number=GID_NUMBER
>> --nis-domain=NIS_DOMAIN
>>
>> Add the group to Administrators:
>> samba-tool group addmembers Administrators unixadmins
>>
>> Add the required users to unixadmins, they should get the same rights as
>> if they were directly member...
2015 Oct 30
2
Local Administrators (group) and delegation in AD
...>>>
>>>>> ssh into the DC, either as root or as a user that can use sudo
>>>>> (you can
>>>>> use kerberos, but I am not going into that here)
>>>>>
>>>>> Create the group:
>>>>> samba-tool group add unixadmins --gid-number=GID_NUMBER
>>>>> --nis-domain=NIS_DOMAIN
>>>>>
>>>>> Add the group to Administrators:
>>>>> samba-tool group addmembers Administrators unixadmins
>>>>>
>>>>> Add the required users to unixadmins,...
2015 Oct 29
0
Local Administrators (group) and delegation in AD
...gt; How about this:
>>>>
>>>> ssh into the DC, either as root or as a user that can use sudo (you
>>>> can
>>>> use kerberos, but I am not going into that here)
>>>>
>>>> Create the group:
>>>> samba-tool group add unixadmins --gid-number=GID_NUMBER
>>>> --nis-domain=NIS_DOMAIN
>>>>
>>>> Add the group to Administrators:
>>>> samba-tool group addmembers Administrators unixadmins
>>>>
>>>> Add the required users to unixadmins, they should get the same...
2015 Oct 29
4
Local Administrators (group) and delegation in AD
On 2015-10-29 09:52, Rowland Penny wrote:
> On 29/10/15 08:34, Davor Vusir wrote:
>> Hi all!
>>
>> We have got many delegations in our AD. To add a certain
>> administrator group to the local Administrators group you can use GPO
>> for Windowsservers. As Samba does not understand GPO I have initially
>> used the "username map" feature to add a
2015 Nov 03
0
Local Administrators (group) and delegation in AD
...;>>> ssh into the DC, either as root or as a user that can use sudo
>>>>>> (you can
>>>>>> use kerberos, but I am not going into that here)
>>>>>>
>>>>>> Create the group:
>>>>>> samba-tool group add unixadmins --gid-number=GID_NUMBER
>>>>>> --nis-domain=NIS_DOMAIN
>>>>>>
>>>>>> Add the group to Administrators:
>>>>>> samba-tool group addmembers Administrators unixadmins
>>>>>>
>>>>>> Add the requir...
2015 Oct 29
0
Local Administrators (group) and delegation in AD
...t way than what I have described.
>
> I would be grateful if you could share your thoughts.
>
> /Davor
>
How about this:
ssh into the DC, either as root or as a user that can use sudo (you can
use kerberos, but I am not going into that here)
Create the group:
samba-tool group add unixadmins --gid-number=GID_NUMBER
--nis-domain=NIS_DOMAIN
Add the group to Administrators:
samba-tool group addmembers Administrators unixadmins
Add the required users to unixadmins, they should get the same rights as
if they were directly members of Administrators.
samba-tool group addmembers unixadmins...
2009 Apr 21
1
realizing virtual ssh_authorized_key
...managehome => true,
}
@ssh_authorized_key { "seph-2008":
ensure => present,
key => "...",
type => "ssh-dss",
name => "seph@macbook-2008",
user => seph,
}
}
class user::unixadmins inherits user::virtual {
realize(
User["seph"],
ssh_authorized_key["seph-2008"],
)
}
node test {
include user::unixadmins
}
I correctly get the user seph, but not the ssh authorized key. If I
switch to a real ssh_authorized_key by removing the @,...
2011 Mar 30
8
trouble with my virtual user setup
...?H1",
uid => "8050",
comment => "Lucy Moore",
gid => "100",
home => "/home/lmoore",
ensure => "present",
shell => "/usr/bin/bash",
managehome => true,
}
}
# unixadmins.pp
#
# Realize the members of the Unix team and include any contractors
class virtual_users::unixadmins inherits virtual_users::virtual {
# Realize our team members
realize(
Group["users"],
)
realize(
User["lmoore"],
)
}
#init.pp
#virtual...
2018 Feb 02
2
Samba 4.6.2 does not inherit setgid bit (anymore)
...tting_up_a_Share_Using_POSIX_ACLs
>
>
> # chmod 700 /u01/test
> # chown root:root /u01/test
> # setfacl -m group::--- /u01/test
> # setfacl -m default:group::--- /u01/test
> # setfacl -m other::--- /u01/test
> # setfacl -m default:other::--- /u01/test
> # setfacl -m group:unixadmins:rwx /u01/test
> # setfacl -m default:group:unixadmins:rwx /u01/test
>
>
> smb.conf
>
> [test]
> comment = test
> path = /u01/test
> read only = No
> inherit acls = yes
>
>
> Dale
2007 Nov 21
3
Users w/o acl access appear to be subscribed to public folders (1.1b8)
I noticed this today, I had a user outside of our department test out
dovecot. They were using squirrelmail and I noticed that dovecot thinks
this user is subscribed to ALL public folders even though a dovecot
ACL prevents all access. I'm pretty sure access is still denied.
I was able to reproduce this with a guest account I added:
l lsub "" "#shared/decs/%"
* LSUB
2007 Oct 27
2
Segfault when opening a public folder, dovecot 1.1 beta4
I was trying to debug this with gdb, but I'm not sure how to make
env MAIL=maildir:~/Maildir MAIL_PLUGINS=acl ACL=vfile gdb /tmp/imap
understand the #shared/decs namespace from below so I can SELECT it.
I have a number of maildirs under #ahared/decs, I tried opening at least
2 of them but dovecot gives sig 11 without a direct error about the problem.
I don't think this was exactly the
2018 Jan 30
1
Samba 4.6.2 does not inherit setgid bit (anymore)
Hi Vincent,
have you found a solution that makes "force directory mode = 2770" able
to apply to new created folders ?
I have a similar problem:
if I set by hand (eg. chmod 2770) the folder A and then I try to create
an X element into that folder through samba I get the result needed (
group of X become overriden from parent folder A ) but the problem is
that the new element X not
2018 Feb 05
0
Samba 4.6.2 does not inherit setgid bit (anymore)
...t;>
>>
>> # chmod 700 /u01/test
>> # chown root:root /u01/test
>> # setfacl -m group::--- /u01/test
>> # setfacl -m default:group::--- /u01/test
>> # setfacl -m other::--- /u01/test
>> # setfacl -m default:other::--- /u01/test
>> # setfacl -m group:unixadmins:rwx /u01/test
>> # setfacl -m default:group:unixadmins:rwx /u01/test
>>
>>
>> smb.conf
>>
>> [test]
>> comment = test
>> path = /u01/test
>> read only = No
>> inherit acls = yes
>>
>>
>> Dale
>
2007 Oct 27
2
dovecot 1.1b4 not listing public folder children
ACL plugin still disabled. The folders listed below definitely do have Children.
telnet session problem example in 1.1b4:
* OK Dovecot ready.
? login mcdouga9 password
? OK Logged in.
9 LIST "" "#shared/decs/%"
* LIST (\HasNoChildren) "/" "#shared/decs/support"
* LIST (\HasNoChildren) "/" "#shared/decs/receipts"
* LIST (\HasNoChildren)
2010 Jun 30
7
augeas and sudo woes
...spec[last()]/host_group/command NOPASSWD: ALL",
"set spec[last()]/host_group/command/runas_user ALL",
],
}
In that example, the command line looked like this:
"set spec[last()]/host_group/command ALL",
I added NOPASSWD: and it barfs with this message:
err: //user::unixadmins/User::Virtual::Sudoer[joe]/Augeas[sudojoe]/
returns: change from need_to_run to 0 failed: Save failed with return
code false
The problem seems to be the colon '':'' since NOPASSWD:ALL also fails
but this doesn''t error:
"set spec[last()]/host_group/command NOPASSWD A...
2009 Nov 17
3
SSH Keys
Hi all,
I want to use puppet to distribute keys to multiple users. I wanted
to do something like we have already:
- define a key per real person
- define groups containing several keys, people can be in multiple
groups
- deploy these groups of keys to specific users
however it looks like the ssh_authorized_key resource ties a key and a
user together so it looks like I fall at the first