Don't quite follow here. I do have a local root user in passwd/shadow
with
a local pw as required by any UNIX I know. I also have a AD root account.
Lets get this straight, you have a user called 'root' in /etc/passwd and another user called 'root' in AD, is this correct ???
Yes
PS. Why is it so hard to keep me on CC? Some list setting which makes this easy to forget?
Rowland
On 26/09/14 11:48, Joakim Tjernlund wrote:
Don't quite follow here. I do have a local root user in passwd/shadow
with
a local pw as required by any UNIX I know. I also have a AD root account.
Lets get this straight, you have a user called 'root' in /etc/passwd and another user called 'root' in AD, is this correct ???
Yes
Then you need to delete the AD user 'root', unlike the earlier NT4-style samba domain, samba4 AD domains cannot have a user with the same name as a local Unix user. If you want a domain admin user, create one, allow it to use sudo and then use this user to administrate your domain. If something was to go wrong, you will still have the local 'root' account that you can use locally (or by a correctly setup ssh server) to fix the problem. If you think that your users will alter your root passwords, then you need to limit just what your users are capable of. If you do not know how to do this, or cannot find out how to do this, I would suggest that you need find another job.
PS. Why is it so hard to keep me on CC? Some list setting which makes this easy to forget?
Nothing to do with any list setting, you should get the replies if you are a list member, I normally just reply to list, but in this case I 'CC'd' you
Rowland
Rowland
On Fri, 26 Sep 2014, Joakim Tjernlund wrote:
Why is it so hard to keep me on CC? Some list setting which makesthis easy to forget?
Because the list is well configured with a reply-to set to the list.
If you want to be part of a list, why not just join the list for the period you want to interact with it, rather than cause unnecessary work for people you're trying to communicate with?
jh
sssd-users@lists.fedorahosted.org