[Pkg-samba-maint] Bug#462045: Bug#462045: samba: automagically add initial set of domain groups
wildfire at progsoc.org
Wed Jan 14 09:10:42 UTC 2009
On Tue, Jan 13, 2009 at 8:16 PM, Steve Langasek <vorlon at debian.org> wrote:
> On Tue, Jan 13, 2009 at 07:13:23PM +0100, Christian Perrier wrote:
>> > Currently the default Samba install assumes you wish to either be a PDC
>> > or a standalone server (things could be setup so it asks you if Samba
>> > shluld be a BDC or Domain member, but there are not).
>> > In either case the following Windows groups need to exist:
>> > - Domain Admins
>> > - Domain Users
>> > - Domain Guests
>> > Each of these groups has a well-known Unix group equivalent, (ntadmins,
>> > users and nogroup) respectively.
>> > It would be good if:
>> > - these Unix groups (ntadmins, users and nogroup) were added if
>> > they went not present.
>> Well, that's contradictory. In one sentence, you mention these groups
>> to be "well-known groups"....but, later, you suggest adding them if
>> they don't exist.
>> It is my understanding that "well-known groups" are groups that have a
>> significant-enough prevalence to be added in base-passwd.... If these
>> ones aren't, they're not well-known enough
> The 'users' and 'nogroup' groups are both part of base-passwd, so there
> would be no need to add these in the maintainer script.
> Only the 'ntadmin' group is questionable. It's given as an example group
What about using the group 'admin' and mapping that to 'Domain Admins' then?
The reason I seperated it out is, as per the example document, but
that often your Unix admins do not correspond to your Windows admin.
But your Unix users often do correspond to your Windows users.
More information about the Pkg-samba-maint