search for: unixadmins

Displaying 19 results from an estimated 19 matches for "unixadmins".

Did you mean: unixadmin
2015 Oct 29
3
Local Administrators (group) and delegation in AD
...ld be grateful if you could share your thoughts. >> >> /Davor >> > > How about this: > > ssh into the DC, either as root or as a user that can use sudo (you > can use kerberos, but I am not going into that here) > > Create the group: > samba-tool group add unixadmins --gid-number=GID_NUMBER > --nis-domain=NIS_DOMAIN > > Add the group to Administrators: > samba-tool group addmembers Administrators unixadmins > > Add the required users to unixadmins, they should get the same rights > as if they were directly members of Administrators. >...
2008 Apr 23
1
nested groups not working with sudo and winbind
Howdy folks, I'm having an issue with sudo not recognizing nested groups via AD and winbind. I have an AD group called UnixAdmins and when I ad and AD account *directly* into this group, I am able to use sudo just fine as it is in the sudoers. *but* say I have a nested group in UnixAdmins like CustomerUsers or whatnot it won't recognize. Now, I also restrict access via pam.d systems-auth to UnixAdmins, so I know that part...
2015 Oct 29
2
Local Administrators (group) and delegation in AD
...gt;>>> >>>> >>> How about this: >>> >>> ssh into the DC, either as root or as a user that can use sudo (you can >>> use kerberos, but I am not going into that here) >>> >>> Create the group: >>> samba-tool group add unixadmins --gid-number=GID_NUMBER >>> --nis-domain=NIS_DOMAIN >>> >>> Add the group to Administrators: >>> samba-tool group addmembers Administrators unixadmins >>> >>> Add the required users to unixadmins, they should get the same rights as >>>...
2015 Oct 29
0
Local Administrators (group) and delegation in AD
.... >>> >>> /Davor >>> >>> >> How about this: >> >> ssh into the DC, either as root or as a user that can use sudo (you can >> use kerberos, but I am not going into that here) >> >> Create the group: >> samba-tool group add unixadmins --gid-number=GID_NUMBER >> --nis-domain=NIS_DOMAIN >> >> Add the group to Administrators: >> samba-tool group addmembers Administrators unixadmins >> >> Add the required users to unixadmins, they should get the same rights as >> if they were directly member...
2015 Oct 30
2
Local Administrators (group) and delegation in AD
...>>> >>>>> ssh into the DC, either as root or as a user that can use sudo >>>>> (you can >>>>> use kerberos, but I am not going into that here) >>>>> >>>>> Create the group: >>>>> samba-tool group add unixadmins --gid-number=GID_NUMBER >>>>> --nis-domain=NIS_DOMAIN >>>>> >>>>> Add the group to Administrators: >>>>> samba-tool group addmembers Administrators unixadmins >>>>> >>>>> Add the required users to unixadmins,...
2015 Oct 29
0
Local Administrators (group) and delegation in AD
...gt; How about this: >>>> >>>> ssh into the DC, either as root or as a user that can use sudo (you >>>> can >>>> use kerberos, but I am not going into that here) >>>> >>>> Create the group: >>>> samba-tool group add unixadmins --gid-number=GID_NUMBER >>>> --nis-domain=NIS_DOMAIN >>>> >>>> Add the group to Administrators: >>>> samba-tool group addmembers Administrators unixadmins >>>> >>>> Add the required users to unixadmins, they should get the same...
2015 Oct 29
4
Local Administrators (group) and delegation in AD
On 2015-10-29 09:52, Rowland Penny wrote: > On 29/10/15 08:34, Davor Vusir wrote: >> Hi all! >> >> We have got many delegations in our AD. To add a certain >> administrator group to the local Administrators group you can use GPO >> for Windowsservers. As Samba does not understand GPO I have initially >> used the "username map" feature to add a
2015 Nov 03
0
Local Administrators (group) and delegation in AD
...;>>> ssh into the DC, either as root or as a user that can use sudo >>>>>> (you can >>>>>> use kerberos, but I am not going into that here) >>>>>> >>>>>> Create the group: >>>>>> samba-tool group add unixadmins --gid-number=GID_NUMBER >>>>>> --nis-domain=NIS_DOMAIN >>>>>> >>>>>> Add the group to Administrators: >>>>>> samba-tool group addmembers Administrators unixadmins >>>>>> >>>>>> Add the requir...
2015 Oct 29
0
Local Administrators (group) and delegation in AD
...t way than what I have described. > > I would be grateful if you could share your thoughts. > > /Davor > How about this: ssh into the DC, either as root or as a user that can use sudo (you can use kerberos, but I am not going into that here) Create the group: samba-tool group add unixadmins --gid-number=GID_NUMBER --nis-domain=NIS_DOMAIN Add the group to Administrators: samba-tool group addmembers Administrators unixadmins Add the required users to unixadmins, they should get the same rights as if they were directly members of Administrators. samba-tool group addmembers unixadmins...
2009 Apr 21
1
realizing virtual ssh_authorized_key
...managehome => true, } @ssh_authorized_key { "seph-2008": ensure => present, key => "...", type => "ssh-dss", name => "seph@macbook-2008", user => seph, } } class user::unixadmins inherits user::virtual { realize( User["seph"], ssh_authorized_key["seph-2008"], ) } node test { include user::unixadmins } I correctly get the user seph, but not the ssh authorized key. If I switch to a real ssh_authorized_key by removing the @,...
2011 Mar 30
8
trouble with my virtual user setup
...?H1", uid => "8050", comment => "Lucy Moore", gid => "100", home => "/home/lmoore", ensure => "present", shell => "/usr/bin/bash", managehome => true, } } # unixadmins.pp # # Realize the members of the Unix team and include any contractors class virtual_users::unixadmins inherits virtual_users::virtual { # Realize our team members realize( Group["users"], ) realize( User["lmoore"], ) } #init.pp #virtual...
2018 Feb 02
2
Samba 4.6.2 does not inherit setgid bit (anymore)
...tting_up_a_Share_Using_POSIX_ACLs > > > # chmod 700 /u01/test > # chown root:root /u01/test > # setfacl -m group::--- /u01/test > # setfacl -m default:group::--- /u01/test > # setfacl -m other::--- /u01/test > # setfacl -m default:other::--- /u01/test > # setfacl -m group:unixadmins:rwx /u01/test > # setfacl -m default:group:unixadmins:rwx /u01/test > > > smb.conf > >  [test] >   comment = test >   path = /u01/test >   read only = No >   inherit acls = yes > > > Dale
2007 Nov 21
3
Users w/o acl access appear to be subscribed to public folders (1.1b8)
I noticed this today, I had a user outside of our department test out dovecot. They were using squirrelmail and I noticed that dovecot thinks this user is subscribed to ALL public folders even though a dovecot ACL prevents all access. I'm pretty sure access is still denied. I was able to reproduce this with a guest account I added: l lsub "" "#shared/decs/%" * LSUB
2007 Oct 27
2
Segfault when opening a public folder, dovecot 1.1 beta4
I was trying to debug this with gdb, but I'm not sure how to make env MAIL=maildir:~/Maildir MAIL_PLUGINS=acl ACL=vfile gdb /tmp/imap understand the #shared/decs namespace from below so I can SELECT it. I have a number of maildirs under #ahared/decs, I tried opening at least 2 of them but dovecot gives sig 11 without a direct error about the problem. I don't think this was exactly the
2018 Jan 30
1
Samba 4.6.2 does not inherit setgid bit (anymore)
Hi Vincent, have you found a solution that makes "force directory mode = 2770" able to apply to new created folders ? I have a similar problem: if I set by hand (eg. chmod 2770) the folder A and then I try to create an X element into that folder through samba I get the result needed ( group of X become overriden from parent folder A ) but the problem is that the new element X not
2018 Feb 05
0
Samba 4.6.2 does not inherit setgid bit (anymore)
...t;> >> >> # chmod 700 /u01/test >> # chown root:root /u01/test >> # setfacl -m group::--- /u01/test >> # setfacl -m default:group::--- /u01/test >> # setfacl -m other::--- /u01/test >> # setfacl -m default:other::--- /u01/test >> # setfacl -m group:unixadmins:rwx /u01/test >> # setfacl -m default:group:unixadmins:rwx /u01/test >> >> >> smb.conf >> >>  [test] >>   comment = test >>   path = /u01/test >>   read only = No >>   inherit acls = yes >> >> >> Dale >
2007 Oct 27
2
dovecot 1.1b4 not listing public folder children
ACL plugin still disabled. The folders listed below definitely do have Children. telnet session problem example in 1.1b4: * OK Dovecot ready. ? login mcdouga9 password ? OK Logged in. 9 LIST "" "#shared/decs/%" * LIST (\HasNoChildren) "/" "#shared/decs/support" * LIST (\HasNoChildren) "/" "#shared/decs/receipts" * LIST (\HasNoChildren)
2010 Jun 30
7
augeas and sudo woes
...spec[last()]/host_group/command NOPASSWD: ALL", "set spec[last()]/host_group/command/runas_user ALL", ], } In that example, the command line looked like this: "set spec[last()]/host_group/command ALL", I added NOPASSWD: and it barfs with this message: err: //user::unixadmins/User::Virtual::Sudoer[joe]/Augeas[sudojoe]/ returns: change from need_to_run to 0 failed: Save failed with return code false The problem seems to be the colon '':'' since NOPASSWD:ALL also fails but this doesn''t error: "set spec[last()]/host_group/command NOPASSWD A...
2009 Nov 17
3
SSH Keys
Hi all, I want to use puppet to distribute keys to multiple users. I wanted to do something like we have already: - define a key per real person - define groups containing several keys, people can be in multiple groups - deploy these groups of keys to specific users however it looks like the ssh_authorized_key resource ties a key and a user together so it looks like I fall at the first