diff options
author | David O'Neill <dmo@samba.org> | 2001-01-05 17:50:50 +0000 |
---|---|---|
committer | David O'Neill <dmo@samba.org> | 2001-01-05 17:50:50 +0000 |
commit | fbe0299e54df9173859182fad0071c7a3217b403 (patch) | |
tree | e161a13114818b852d02797a3913395851beb19d /docs/textdocs/samba-pdc-howto.txt | |
parent | b6e811b90bf8cc6ca440ffedd210e5b16df555b2 (diff) | |
download | samba-fbe0299e54df9173859182fad0071c7a3217b403.tar.gz samba-fbe0299e54df9173859182fad0071c7a3217b403.tar.bz2 samba-fbe0299e54df9173859182fad0071c7a3217b403.zip |
Merge of documentation updates to HEAD. These got missed somewhere along
the way.
(This used to be commit afad150bacfd02ec83c57ea9ba9152ff59fb7eee)
Diffstat (limited to 'docs/textdocs/samba-pdc-howto.txt')
-rw-r--r-- | docs/textdocs/samba-pdc-howto.txt | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/docs/textdocs/samba-pdc-howto.txt b/docs/textdocs/samba-pdc-howto.txt index 0073d2947b..5ed15cdf4a 100644 --- a/docs/textdocs/samba-pdc-howto.txt +++ b/docs/textdocs/samba-pdc-howto.txt @@ -7,7 +7,7 @@ David Bannon _________________________________________________________________ _________________________________________________________________ - Comments, corrections and additions to <D.Bannon@latrobe.edu.au> + Comments, corrections and additions to <dbannon@samba.org> This document explains how to setup Samba as a Primary Domain Controller and applies to version 2.2.0. Before using these functions @@ -251,7 +251,7 @@ A sample conf file encrypt passwords = yes domain logons =yes logon script = scripts\%U.bat - domain admin users = root dbannon andrew + domain admin group = @adm add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/n ull -s /bin/false %m$ guest account = ftp @@ -287,10 +287,17 @@ PDC Config Parameters and the other parameters are chosen as suitable for a machine account. Works for RH Linux, your system may require changes. + domain admin group = @adm + This parameter specifies a unix group whose members will be + granted admin privileges on a NT workstation when logged onto + that workstation. See the section called Domain Admin Accounts. + domain admin users = user1 users2 - This parameter specifies a unix user who will be granted admin - privileges on a NT workstation when logged onto that - workstation. See the section called Domain Admin Accounts. + It appears that this parameter does not funtion correctly at + present. Use the 'domain admin group' instread. This parameter + specifies a unix user who will be granted admin privileges on a + NT workstation when logged onto that workstation. See the + section called Domain Admin Accounts. encrypt passwords = yes This parameter must be 'yes' to allow any of the recent service @@ -462,16 +469,18 @@ Domain Admin Accounts Samba 2.2 recognizes particular users as being domain admins and tells the NTws when it thinks that it has got one logged on. In the smb.conf - file we declare that the Domain Admin users = user1 user2. Any user - mentioned here will be treated as a Domain Admin by a NTws when logged - onto the Domain. They will have full Administrator rights including - the rights to change permissions on files and run the system utilities - such as Disk Administrator. + file we declare that the Domain Admin group = @adm. Any user who is a + menber of the unix group 'adm' is treated as a Domain Admin by a NTws + when logged onto the Domain. They will have full Administrator rights + including the rights to change permissions on files and run the system + utilities such as Disk Administrator. Add users to the group by + editing /etc/group/. You do not need to use the 'adm' group, choose + any one you like. Further, and this is very new, they will be allowed to create a new machine account when first connecting a new NT or W2K machine to the - domain. At present, ie pre-release, only a Domain Admin who also - happens to be root can do so. + domain. However, at present, ie pre-release, only a Domain Admin who + also happens to be root can do so. _________________________________________________________________ Chapter 4. Profiles, Policies and Logon Scripts |