On Thursday 03 October 2002 11:39 am, Bradley W. Langhorst wrote: > On Thu, 2002-10-03 at 11:31, Jim Durham wrote: > > I've read the achives, but I'm not finding anything. > > > > On XP, I can give a local user admin priviledges on his/her > > local machine when they are logged in to that machine > > and not the domain. > > > > How do I do this when they are logged in to the domain, > > with Samba as a PDC? > > > > Some programs need to create tmp files that they can not > > if the the user does not have admin privs on his/her machine. > > in samba2 you need to add the domain user to the local admin group. You > can map a unix group to Domain Admins or Domain Users groups and add > that group to the local admins but you can't have more granularity than > than. > > if you don't mind adding the user to local admin on each machine that is > probably the cleanest solution. > > samba3 can handle arbitrary group mapping >
A couple of questions: I'm having trouble understanding terminology regarding the "group" that you are referring to. Are you saying to create a new unix group called "admins" and add the user to it? Or is this the local admin group on the XP box? Would you recommend upgrading to samba 3? I've got another issue regarding BDC on a different subnet that doesn't seem to work properly with XP and I'm wondering if samba 3 would handle that better. The BDC gets its machine ID file and it's smbpasswd, etc/passwd, /etc/master. passwd and the password databases from the master, but occasionally you suddenly can't log in from the machines on the subnet where the BDC lives. I think it's when the network latency between the main site and the remote LAN is bad. Killing domain logons on the BDC fixes it. Perhaps that is a reason to consider samba3? Thanks, Jim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba