The Samba-Bugzilla – Bug 2282
the script of "add user script" runs not as "root"
Last modified: 2005-08-29 14:36:37 UTC
I would like to reopen bug 1037.
We currently use Samba 3.0.2a on SuSE-Linux.
In a trust relationship between to PDCs (s1/dom1 and s2/dom2) the user bob (of
dom2) logs in on client workstation w1 (member of dom1). During the login-
process samba calls the add user script trying to create an account for user
bob. Because this is not done as root (as stated in smb.conf(5)) the add user
script only works if we run it using sudo.
Refering to Jerrys cases (https://bugzilla.samba.org/show_bug.cgi?id=1037#c3)
this is a new one:
(c) The add user script is used to create an account for a user of a trusted
domain which is not already known locally.
The user bob is connected to s1 and the add user script is called using the
I am having the same problem as described by Carsten, but on Debian running
My workaround was to run chmod 4755 /usr/sbin/useradd.
while this opens up a very large security hole it does work.
The recommended solution at this point is to run winbindd for trusted domains.