Волгоград Linux User Group |
|
Организована 23 ноября 2002 года
Проект заморожен Птн Июл 6 02:11:14 MSD 2012 |
|
|
Addition of Machines to the DomainSamba versions prior to 3.0.11 necessitated the use of a domain administrator account that maps to the UNIX UID=0. The UNIX operating system permits only the root user to add user and group accounts. Samba 3.0.11 introduced a new facility known as Privileges, which provides five new privileges that can be assigned to users and/or groups; see Table 5.1. Table 5.1. Current Privilege Capabilities Privilege Description SeMachineAccountPrivilege Add machines to domain SePrintOperatorPrivilege Manage printers SeAddUsersPrivilege Add users and groups to the domain SeRemoteShutdownPrivilege Force shutdown from a remote system SeDiskOperatorPrivilege Manage disk share In this network example use is made of one of the supported privileges purely to demonstrate how any user can now be given the ability to add machines to the domain using a normal user account that has been given the appropriate privileges. RIDSAdministrators 544Print Operators 550 Backup Operators 551 Replicators 552 Domain Admins 512 Domain Users 513 Domain Guests 514 Domain Computers 553 |
|
Powered by
|