Hi.
I have a trouble with permissions for folders in my Ubuntu Server 12.04.
I have domainA and domainB with two-way trusts. My linux server authenticate with domainB via "net ads join" with Kerberos, Samba + winbind and PAM.
https://help.ubuntu.com/community/Ac...ryWinbindHowto
My realm is domainB
I can logon to the linux server via domainB windows user, e.g domainB\userB (ssh)
I can logon to the linux server via domainA windows user too (domainA\userA) (ssh)
Problem is, when I try stop samba service via user domainA\userA. I don't have permissions to stop this service, delete folders etc..
On my AD controller I have 2 groups. The first is e.g Group1 when I have 5 users from domainB and I have Group2 when I have 5 users from domainA
When I add Group1 to sudoers file - all users from Group1 (domainB) can stop services etc..but when I add Group2 (domainA) to sudoers file - no user can stop services (user is not in sudoers).. - where is mistake?
I try add domainA\userA to root, admin group and reboot the server - but when I login via domainA\userA - this user don't have permissions to stop services etc..
I don't have idea what I'm doing bad..Can anyone help me with this permissions?