We're working on a solution to add our SLES(10.2) servers in our Windows
domain.
Our SLES servers are primairily used for Oracle databases and the
domain users which are granted access are DBA-administrators.

We've joined the server to the domain and can succesfully login with
our domain account.
Futhermore, we edited the file /etc/security/pam_winbind.conf so that
only members of the "linux"-group (AD security group)
can login to the server. Next we've edited our /etc/sudoers file so
that those users can run only commands as user "oracle" (sudo -u oracle
%command%).

So Far, all is well.

The problem is that the domain-user has no rights to the directory
where the commands (bv. sqlplus) are located.
We tried to add the domain user to the /etc/group
(groupname:!:107racle,DOMAIN\domainuser). That didn't work.

How can we give out local rights to domain users? Or are there any
other solutions?


--
fogier
------------------------------------------------------------------------
fogier's Profile: http://forums.novell.com/member.php?userid=116512
View this thread: http://forums.novell.com/showthread.php?t=444475