Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to use my MS Enterprise Admins group to allow for linux administration.
I have Samba working and can authenticate to linux with MS EA creds. I have used "net groupmap add ntgroup="Enterprise Admins" unixgroup=root" which completes and lists correctly, but things like ifup and ifdown fail with access denied.
Many root commands require the root "user" rather than a root "group". Many of these commands can have different "groups" such as sys, adm, root etc..."
I can't really comment on your attempt to use Windows tools for administering Linux but will caution you to be sure you keep a real root password for each server as there are times you can bring the system up in states like single user where no outside connection is going to work. You do NOT want to rely on having access to some centralized authentication source (or even terminals) in those cases.
What you might try if you're attempting login and then becoming root is to create individual users for each admin and setup sudo (man sudo, man visudo) to allow those admins to switch to root at need.
Many root commands require the root "user" rather than a root "group". Many of these commands can have different "groups" such as sys, adm, root etc..."
I can't really comment on your attempt to use Windows tools for administering Linux but will caution you to be sure you keep a real root password for each server as there are times you can bring the system up in states like single user where no outside connection is going to work. You do NOT want to rely on having access to some centralized authentication source (or even terminals) in those cases.
What you might try if you're attempting login and then becoming root is to create individual users for each admin and setup sudo (man sudo, man visudo) to allow those admins to switch to root at need.
Thanks,
I'm not actually trying to use Microsoft tools, just the Microsoft account as my Authentication and Authorization functionality in Linux (i.e. I want to be able to login with my AD creds and administer the Linux box, hopefully without sudo or su). I already have sudo working, but typically prefer that there is some level of Accounting (i.e. I like AAA), and given my general newbieness in Linux I'm not sure I can get accounting/auditing in a good fashion if everyone sudos root.
I am also using the root group, because of my ignorance (which I profess to) with Linux. Ultimately I am trying to understand how to make NT groups become Unix groups. These systems will become Anti-spam boxes and will only have port 25 exposed to the internet, but the Anti-spam package I have also uses unix group membership to administer the programs, and here again I would like to simply have the appropriate team/NT group automatically have rights into Linux, without having to create accounts on every linux box I have.
Any ideas on how to make the NT group become the Unix group, it appears as if groupmap is meant to make Unix groups useable by NT (and I want to go the other way).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
