PDA

View Full Version : Grant local rights (SLES10.2) to domain users (AD)



fogier
09-Sep-2011, 15:06
We're working on a solution to add our SLES(10.2) servers in our Windows
domain.
Our SLES servers are primairily used for Oracle databases and the
domain users which are granted access are DBA-administrators.

We've joined the server to the domain and can succesfully login with
our domain account.
Futhermore, we edited the file /etc/security/pam_winbind.conf so that
only members of the "linux"-group (AD security group)
can login to the server. Next we've edited our /etc/sudoers file so
that those users can run only commands as user "oracle" (sudo -u oracle
%command%).

So Far, all is well.

The problem is that the domain-user has no rights to the directory
where the commands (bv. sqlplus) are located.
We tried to add the domain user to the /etc/group
(groupname:!:107:oracle,DOMAIN\domainuser). That didn't work.

How can we give out local rights to domain users? Or are there any
other solutions?


--
fogier
------------------------------------------------------------------------
fogier's Profile: http://forums.novell.com/member.php?userid=116512
View this thread: http://forums.novell.com/showthread.php?t=444475

Automatic Reply
13-Sep-2011, 17:04
fogier,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://forums.novell.com/