Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Samba HowTo Guide
Prev Home Next

Description of Privileges

The privileges that have been implemented in Samba-3.0.11 are shown below. It is possible, and likely, that additional privileges may be implemented in later releases of Samba. It is also likely that any privileges currently implemented but not used may be removed from future releases as a housekeeping matter, so it is important that the successful as well as unsuccessful use of these facilities should be reported on the Samba mailing lists.

SeAddUsersPrivilege

This right determines whether or not smbd will allow the user to create new user or group accounts via such tools as net rpc user add or NT4 User Manager for Domains.

SeDiskOperatorPrivilege

Accounts that possess this right will be able to execute scripts defined by the add/delete/change share command in smb.conf file as root. Such users will also be able to modify the ACL associated with file shares on the Samba server.

SeMachineAccountPrivilege

This right controls whether or not the user can join client machines to a Samba-controlled domain.

SePrintOperatorPrivilege

This privilege operates identically to the printer admin option in the smb.conf file (see section 5 man page for smb.conf) except that it is a global right (not on a per-printer basis). Eventually the smb.conf option will be deprecated and administrative rights to printers will be controlled exclusively by this right and the security descriptor associated with the printer object in the ntprinters.tdb file.

SeRemoteShutdownPrivilege

Samba provides two hooks for shutting down or rebooting the server and for aborting a previously issued shutdown command. Since this is an operation normally limited by the operating system to the root user, an account must possess this right to be able to execute either of these hooks.

SeTakeOwnershipPrivilege

This right permits users to take ownership of files and directories.

Samba HowTo Guide
Prev Home Next

 
 
  Published under the terms fo the GNU General Public License Design by Interspire