FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 05-04-2012, 07:32 AM
Muhammad Yousuf Khan
 
Default Windows domain user in Linux

i am using winbind for samba to fetch users from windows domain. now i
want to add a windows domain user "administrator" a member of group
"root". however when i run the command it gives me an error.

#useradd -G root administrator
useradd: user 'administrator' already exists


Please Help.

Thank you,


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAGWVfMnA8=0kVxLPmMrbZatqruPQq65zWnn1G2cNm1u+9WJji w@mail.gmail.com">http://lists.debian.org/CAGWVfMnA8=0kVxLPmMrbZatqruPQq65zWnn1G2cNm1u+9WJji w@mail.gmail.com
 
Old 05-04-2012, 02:49 PM
Daniel Koch
 
Default Windows domain user in Linux

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 04.05.2012 09:32, schrieb Muhammad Yousuf Khan:
> i am using winbind for samba to fetch users from windows domain.
> now i want to add a windows domain user "administrator" a member of
> group "root". however when i run the command it gives me an error.
>
> #useradd -G root administrator useradd: user 'administrator'
> already exists
>
>
> Please Help.
>
> Thank you,
>
>

What about:

# adduser administrator root


?
- --
Daniel Koch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+j7GIACgkQOy1+jxP0nDmZ9ACeJpcOZYq1a6 pcDDp9Brc1qpNz
NcsAn1B8laCryqQH3yMQ3pgAMToOLUby
=Gyuk
-----END PGP SIGNATURE-----
 
Old 05-04-2012, 03:10 PM
Camaleón
 
Default Windows domain user in Linux

On Fri, 04 May 2012 12:32:31 +0500, Muhammad Yousuf Khan wrote:

> i am using winbind for samba to fetch users from windows domain. now i
> want to add a windows domain user "administrator" a member of group
> "root". however when i run the command it gives me an error.
>
> #useradd -G root administrator
> useradd: user 'administrator' already exists

Is the user already in an external database?

>From "man adduser":

***
CAVEATS
You may not add a user to a NIS or LDAP group. This must be performed on
the corresponding server.

Similarly, if the username already exists in an external user database
such as NIS or LDAP, useradd will deny the user account creation request.
***

In addition, if the user "administrator" already exists locally, you have
to use "usermod" instead.

Note: adding a user to the root's group can be dangerous.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: jo0rhj$3du$7@dough.gmane.org">http://lists.debian.org/jo0rhj$3du$7@dough.gmane.org
 
Old 05-04-2012, 04:05 PM
Muhammad Yousuf Khan
 
Default Windows domain user in Linux

On Fri, May 4, 2012 at 7:49 PM, Daniel Koch
<koch.daniel.89@googlemail.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Am 04.05.2012 09:32, schrieb Muhammad Yousuf Khan:
>> i am using winbind for samba to fetch users from windows domain.
>> now i want to add a windows domain user "administrator" a member of
>> group "root". however when i run the command it gives me an error.
>>
>> #useradd -G root administrator useradd: user 'administrator'
>> already exists
>>
>>
>> Please Help.
>>
>> Thank you,
>>
>>
>
> What about:
>
> # adduser administrator root
>

wwwowwwwwww It worked Thanks mate

can i ask a question , why it worked by adduser and why not useradd as
both commands works for a same purpose AFAIK


Thanks,


>
> ?
> - --
> Daniel Koch
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk+j7GIACgkQOy1+jxP0nDmZ9ACeJpcOZYq1a6 pcDDp9Brc1qpNz
> NcsAn1B8laCryqQH3yMQ3pgAMToOLUby
> =Gyuk
> -----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAGWVfMkvgtNv7qQUFCgY8Wh=P=SFKyrYO9mAWk3p_FPRXK2x3 Q@mail.gmail.com">http://lists.debian.org/CAGWVfMkvgtNv7qQUFCgY8Wh=P=SFKyrYO9mAWk3p_FPRXK2x3 Q@mail.gmail.com
 
Old 05-04-2012, 04:06 PM
Muhammad Yousuf Khan
 
Default Windows domain user in Linux

On Fri, May 4, 2012 at 8:10 PM, Camaleón <noelamac@gmail.com> wrote:
> On Fri, 04 May 2012 12:32:31 +0500, Muhammad Yousuf Khan wrote:
>
>> i am using winbind for samba to fetch users from windows domain. now i
>> want to add a windows domain user "administrator" a member of group
>> "root". however when i run the command it gives me an error.
>>
>> #useradd -G root administrator
>> useradd: user 'administrator' already exists
>
> Is the user already in an external database?
>
> >From "man adduser":
>
> ***
> CAVEATS
> You may not add a user to a NIS or LDAP group. This must be performed on
> the corresponding server.
>
> Similarly, if the username already exists in an external user database
> such as NIS or LDAP, useradd will deny the user account creation request.
> ***
>
> In addition, if the user "administrator" already exists locally, you have
> to use "usermod" instead.
>
> Note: adding a user to the root's group can be dangerous.


Thanks for the informative email, however administrator is me so thats
the reason i added that.

Thanks any ways,




>
> Greetings,
>
> --
> Camaleón
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/jo0rhj$3du$7@dough.gmane.org
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAGWVfMkKUBL0uDLAHFNZNJUmyeJL6bRn9Px5JspT6qmvujUZg A@mail.gmail.com">http://lists.debian.org/CAGWVfMkKUBL0uDLAHFNZNJUmyeJL6bRn9Px5JspT6qmvujUZg A@mail.gmail.com
 
Old 05-04-2012, 08:50 PM
Camaleón
 
Default Windows domain user in Linux

On Fri, 04 May 2012 21:06:58 +0500, Muhammad Yousuf Khan wrote:

> On Fri, May 4, 2012 at 8:10 PM, Camaleón <noelamac@gmail.com> wrote:
>> On Fri, 04 May 2012 12:32:31 +0500, Muhammad Yousuf Khan wrote:
>>
>>> i am using winbind for samba to fetch users from windows domain. now i
>>> want to add a windows domain user "administrator" a member of group
>>> "root". however when i run the command it gives me an error.
>>>
>>> #useradd -G root administrator
>>> useradd: user 'administrator' already exists
>>
>> Is the user already in an external database?
>>
>> >From "man adduser":
>>
>> ***
>> CAVEATS
>> You may not add a user to a NIS or LDAP group. This must be performed
>> on the corresponding server.
>>
>> Similarly, if the username already exists in an external user database
>> such as NIS or LDAP, useradd will deny the user account creation
>> request. ***
>>
>> In addition, if the user "administrator" already exists locally, you
>> have to use "usermod" instead.
>>
>> Note: adding a user to the root's group can be dangerous.
>
>
> Thanks for the informative email, however administrator is me so thats
> the reason i added that.

Yes, but that's still dangerous. Why do you need to be in root's group?

> Thanks any ways,

You're welcome.

Anyway, a quick note on your first one-liner: by re-reading "man useradd"
I think you should use "-g" instead "-G".

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: jo1fe4$3du$17@dough.gmane.org">http://lists.debian.org/jo1fe4$3du$17@dough.gmane.org
 
Old 05-05-2012, 09:32 AM
Daniel Koch
 
Default Windows domain user in Linux

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 04.05.2012 18:05, schrieb Muhammad Yousuf Khan:
> On Fri, May 4, 2012 at 7:49 PM, Daniel Koch
> <koch.daniel.89@googlemail.com> wrote: Am 04.05.2012 09:32, schrieb
> Muhammad Yousuf Khan:
>>>> i am using winbind for samba to fetch users from windows
>>>> domain. now i want to add a windows domain user
>>>> "administrator" a member of group "root". however when i run
>>>> the command it gives me an error.
>>>>
>>>> #useradd -G root administrator useradd: user 'administrator'
>>>> already exists
>>>>
>
> What about:
>
> # adduser administrator root
>
>
>> wwwowwwwwww It worked Thanks mate
>
>> can i ask a question , why it worked by adduser and why not
>> useradd as both commands works for a same purpose AFAIK


-G, --groups GROUPS list of supplementary groups of the new
account ^^^

"new account" that is why : "'administrator' already exists"

- --
Daniel Koch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+k85IACgkQOy1+jxP0nDn2rgCdGEP/FhNj8yjOKcXeDr+9vWnu
9IQAniXquXjZiob2nUo8tO+yNsa0ERi2
=GUsO
-----END PGP SIGNATURE-----
 
Old 05-05-2012, 11:19 AM
Muhammad Yousuf Khan
 
Default Windows domain user in Linux

On Sat, May 5, 2012 at 1:50 AM, Camaleón <noelamac@gmail.com> wrote:
> On Fri, 04 May 2012 21:06:58 +0500, Muhammad Yousuf Khan wrote:
>
>> On Fri, May 4, 2012 at 8:10 PM, Camaleón <noelamac@gmail.com> wrote:
>>> On Fri, 04 May 2012 12:32:31 +0500, Muhammad Yousuf Khan wrote:
>>>
>>>> i am using winbind for samba to fetch users from windows domain. now i
>>>> want to add a windows domain user "administrator" a member of group
>>>> "root". however when i run the command it gives me an error.
>>>>
>>>> #useradd -G root administrator
>>>> useradd: user 'administrator' already exists
>>>
>>> Is the user already in an external database?
>>>
>>> >From "man adduser":
>>>
>>> ***
>>> CAVEATS
>>> You may not add a user to a NIS or LDAP group. This must be performed
>>> on the corresponding server.
>>>
>>> Similarly, if the username already exists in an external user database
>>> such as NIS or LDAP, useradd will deny the user account creation
>>> request. ***
>>>
>>> In addition, if the user "administrator" already exists locally, you
>>> have to use "usermod" instead.
>>>
>>> Note: adding a user to the root's group can be dangerous.
>>
>>
>> Thanks for the informative email, however administrator is me so thats
>> the reason i added that.
>
> Yes, but that's still dangerous. Why do you need to be in root's group?
>

Because, there are few folders stored on samba storage where me as a
administrator need to write files very often.

so it seems easy to me that i have to just chmode 770 to the
folder/file and things starts working accordingly.

by the way , what kind of security consequences you are talking about?

note : i am using this only for samba share

>> Thanks any ways,
>
> You're welcome.
>
> Anyway, a quick note on your first one-liner: by re-reading "man useradd"
> I think you should use "-g" instead "-G".
>
> Greetings,
>
> --
> Camaleón
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/jo1fe4$3du$17@dough.gmane.org
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAGWVfMmVPCCg5mQRh01W5zJ9WQCDv3wTu0DKdCOcHay703zOP A@mail.gmail.com">http://lists.debian.org/CAGWVfMmVPCCg5mQRh01W5zJ9WQCDv3wTu0DKdCOcHay703zOP A@mail.gmail.com
 
Old 05-05-2012, 12:07 PM
Camaleón
 
Default Windows domain user in Linux

On Sat, 05 May 2012 16:19:52 +0500, Muhammad Yousuf Khan wrote:

> On Sat, May 5, 2012 at 1:50 AM, Camaleón <noelamac@gmail.com> wrote:

>>> Thanks for the informative email, however administrator is me so thats
>>> the reason i added that.
>>
>> Yes, but that's still dangerous. Why do you need to be in root's group?
>>
>>
> Because, there are few folders stored on samba storage where me as a
> administrator need to write files very often.

Then you can adjust the share owner and permissions in a proper way.

> so it seems easy to me that i have to just chmode 770 to the folder/file
> and things starts working accordingly.

Easy, can be (I can't tell because I don't know the details of your samba/
shares layout). Secure, not.

> by the way , what kind of security consequences you are talking about?

An impersonated user that can access/read/delete your system files.

> note : i am using this only for samba share

More reasons to avoid exposing your system security.

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: jo355m$4gr$4@dough.gmane.org">http://lists.debian.org/jo355m$4gr$4@dough.gmane.org
 
Old 05-07-2012, 07:30 AM
Muhammad Yousuf Khan
 
Default Windows domain user in Linux

On Sat, May 5, 2012 at 5:07 PM, Camaleón <noelamac@gmail.com> wrote:
> On Sat, 05 May 2012 16:19:52 +0500, Muhammad Yousuf Khan wrote:
>
>> On Sat, May 5, 2012 at 1:50 AM, Camaleón <noelamac@gmail.com> wrote:
>
>>>> Thanks for the informative email, however administrator is me so thats
>>>> the reason i added that.
>>>
>>> Yes, but that's still dangerous. Why do you need to be in root's group?
>>>
>>>
>> Because, there are few folders stored on samba storage where me as a
>> administrator need to write files very often.
>
> Then you can adjust the share owner and permissions in a proper way.
>
>> so it seems easy to me that i have to just chmode 770 to the folder/file
>> *and things starts working accordingly.
>
> Easy, can be (I can't tell because I don't know the details of your samba/
> shares layout). Secure, not.

mostly share are like this.............

[Library]
comment = Shared Directories
path = /hdxxx/100xx/libxxx/
read list = @all
write list = nhasnain, admin
read only = yes
create mask = 0774
directory mask = 0774

>
>> by the way , what kind of security consequences you are talking about?
>
> An impersonated user that can access/read/delete your system files.
>
>> note : i am using this only for samba share
>
> More reasons to avoid exposing your system security.

Thanks , i got your point ....... and i like it too. ill change the
right infrastructure accordingly.




>
> Greetings,
>
> --
> Camaleón
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: http://lists.debian.org/jo355m$4gr$4@dough.gmane.org
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CAGWVfMmwVnKDmtUWpfBw0t_0gn5-eRodbTFJjgnCZ-M8kv8O+w@mail.gmail.com">http://lists.debian.org/CAGWVfMmwVnKDmtUWpfBw0t_0gn5-eRodbTFJjgnCZ-M8kv8O+w@mail.gmail.com
 

Thread Tools




All times are GMT. The time now is 08:08 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org