On Wed, Jun 11, 2008 at 6:39 PM, Andreas
Hi,
to use SAMBA as PDC for a Windows-Domain it needs an administrative user on the server to create machine- and user-accounts for the clients. Obviously root could do this.
Here is the issue that the on site maintenance of client pcs and users is done by an assistant who shouldn't get access to everything on the file server. So I can't give him root credentials or even let him execute passwd.
Even if I prepared some user- and machine- accounts he still needs the administrative user to le those client-pcs join the domain.
How can I have cake and eat it?
I don't have any experience with Linux PDCs. But I would try joining the server to the domain, force users to log on to the domain to log on to the server, and making your assistant a domain admin. Why is it important that he can't use passwd? Also do you have ACLs turned on? They may help you fine tune what you want. See: How to share directories between groups of users using ACL http://en.opensuse.org/How_to_share_directories_between_groups_of_users_usin... That should give you some clues. But it is not directly related. Mike -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org