Ubuntu

Sharing (=>administrative?) privileges for w2003 domain users

Asked by Roman Polach

I have successfully setup my Ubuntu Edgy box as windows 2003 domain member
(using http://www.ubuntuforums.org/showthread.php?t=91510&highlight=active+directory
 howto),
so domain users can directly login in GDM,

but they cannot share any folders with samba, because they have no administrative
privileges. How can I set them to allow sharing? They are not listed in Users and groups
management dialog so I cannot set administrative privileges to them.

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
Roman Polach
Solved:
Last query:
Last reply:

This question was reopened

Revision history for this message
Michael Wood (x3n) said : 		#1

Step 11 should be what you need.

if my understanding is correct, the Activedirectory-authenticated users will go under a group (in the article mentioned it is a group called UnixAdmins) you should be able to find this group in Manage groups

Revision history for this message
Roman Polach (rpolach) said : 		#2

Thanks, this would be sufficient.
I am going to experiment more to see if could be AD users add directly /etc/sudoers :)

Revision history for this message
Roman Polach (rpolach) said : 		#3

I have successfully added some domain users in /etc/sudoers by these lines:
    OURDOMAIN\\user1 ALL=(ALL) ALL
    OURDOMAIN\\user2 ALL=(ALL) ALL
    OURDOMAIN\\user3 ALL=(ALL) ALL
sudo and sharing now works... but many things are not equivalent to local users
with administrative privileges... e.g. in Gnome menu System / Administration
there are 8 items, but for local users with administrative privileges have 18 items
there... How can be set to have these domain users more like local users with
administrative privileges?

Revision history for this message
Michael Wood (x3n) said : 		#4

I believe that this can be done by adding the username or group name to admin line of the /etc/group file

for example,

admin:x:112:michael,user1,user2,user3

Revision history for this message
Best Roman Polach (rpolach) said : 		#5

I have tried to add "OURDOMAIN\\user1" to this line, but
then I saw that only single backslash is needed in /etc/group file.
Now it works perfectly.
Thanks very much. :)