Grant local rights (SLES10.2) to domain users (AD)
We're working on a solution to add our SLES(10.2) servers in our Windows
Our SLES servers are primairily used for Oracle databases and the
domain users which are granted access are DBA-administrators.
We've joined the server to the domain and can succesfully login with
our domain account.
Futhermore, we edited the file /etc/security/pam_winbind.conf so that
only members of the "linux"-group (AD security group)
can login to the server. Next we've edited our /etc/sudoers file so
that those users can run only commands as user "oracle" (sudo -u oracle
So Far, all is well.
The problem is that the domain-user has no rights to the directory
where the commands (bv. sqlplus) are located.
We tried to add the domain user to the /etc/group
(groupname:!:107racle,DOMAIN\domainuser). That didn't work.
How can we give out local rights to domain users? Or are there any