Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[Samba] (no subject)

0 views
Skip to first unread message

Administrador Correo

unread,
May 18, 2004, 11:40:09 AM5/18/04
to
This is a test, please delete me

E-Mail Administrator

Technical Infrastructure
NH HOTELES
Santa Engracia, 120
Edificio Central
28003 Madrid, Spain
t. +34914519718

Visit our Web site: http://www.nh-hotels.com
This message is from NH HOTELES and it is private and confidential.
Its content may be legally protected.Reception by a non-intended person does not waive legal protection rights.
If you receive this message by mistake, please delete it from your system and report the sender.
Although this message has been cleared for viruses using currently available virus definitions before sending,
it is the responsibility of the receiver to ensure it is virus-free.Thank you.


--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba

Les Bell

unread,
May 20, 2004, 7:50:08 PM5/20/04
to
"John H Terpstra" <sa...@primastasys.com> wrote:

>>
On the UNIX system addition/change of user accounts requires UID=0. If you
want your Administrator to be able
to manage user accounts UID=0 is a must. Also, the RID for Administrator
must be 500 for the account to have
admin privileges in Windows.
<<

OK. The Linux box is at a school and administered by novices, so I've set
up user account management via Webmin, with synchronization of the Samba
accounts. This is working well. However, in order for Administrator to be
able to log in on the domain, I had to create an "Administrator" account,
hence the one with an ID of 604. Same on my office network, but here I've
created a group, smbadmins, added Administrator and myself into it, and
then added

domain admin group = @smbadmins (following some online docs, but testparm
doesn't like this, so I'll remove it)
admin users = @smbadmins
printer admin = @smbadmins

I also upgraded from 2.2 to 3.04 and this seems to be a lot happier when
running USRMGR.EXE, etc.

>>
If you are using and LDAP backend it is imperative that all UIDs and RIDs
must be unambiguous. So if you have a
root account and an Administrator account - you have introduced ambiguity.
It is best to use the 'root' account
in place of the NT Administrator. Just make sure that the RID for the root
account is 500.
<<

No LDAP (yet). My big questions, then, are:

1. How do I set the RID for the Administrator or root account? Currently,
the SID is User SID:
S-1-5-21-754926933-3079649434-3472319497-2208. I've tried editing it with:

pdbedit -r -u Administrator -U S-1-5-21-754926933-3079649434-3472319497-500

but it doesn't change (and -d4 doesn't produce any useful debugging info,
AFAICS). And of course the other setup is on Samba 2.2, which doesn't have
pdbedit. How can the RID be changed there?

2. If we don't need to use USEMGR.EXE for account management, is there any
other reason why the Administrator account needs UID/GUD = 0? I'm nervous
about using the root password for domain & workstation administration
tasks.

Thanks,

Best,

--- Les Bell, RHCE, CISSP
[http://www.lesbell.com.au]

Scott Zimmerman

unread,
May 21, 2004, 4:10:06 AM5/21/04
to
Oliver Schulze L.

<oliver at samera.com.py>

wrote:

> Hi.

> In WinXP I can setup the permission of a file so that a user can modify

> the file,

> but he can not delete the file.

I was wondering if someone could tell me how do what he is saying because
no matter what I do, using the everyone account, and disabling delete in
special - that disables the ability to edit files. I have tried everything
I could even adding a second user with the same name denying the delete.
Please advise.

I want to have a user able to upload a file, edit a file, but not delete a
file. But if you could at least tell me how to do the first one I would be
glad!

0 new messages