![](https://seccdn.libravatar.org/avatar/ee22ebe1a18ff10e2cdb94c8f4058e68.jpg?s=120&d=mm&r=g)
On Thu, Jun 12, 2008 at 3:17 PM, Andreas
The server "is" the domain, I thought. There is just this box and some clients.
In Windows that would be true. But I don't think it is necessarily true in Linux.
first of all, I was wrong where I thought the assistant needed to be in the root group to join clients to the domain even when the machine-account allready exists. In this case it's enough to be admin user within samba but remain unpriviledged unix user. To create new machine- or domain-user accounts on the host he would have to run adduser, which is AFAIK restricted for root-users.
An inelegant solution would be to change the ownership and permissions on that command. However, that will probably open up security holes. For an elegant solution you might want to try the networking list: opensuse-networking@opensuse.org Even if I didn't get an answer there I would keep looking. This seems like it would be a common problem. And there must be a common answer. You might try looking at solutions intended for Fedora users. Just keep in mind that Fedora has to deal with SELinux. And it has its own X.500 implementation: FedoraDS.
Thanks Mike,
You are welcome. Mike -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org