Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [groups]

The idea of groups exists across all major operating systems. Groups are objects that contain other objects, usually users. This allows for simplification of access control assignments when many people need access to the same resources.

463 questions
8
votes
1 answer

Reset GID/UID auto-increment numbers

I created a virtual mail user for postfix virtual mailboxes with a gid/uid of 5555, but now every new user I create starts at > 5555, is it possible to reset the autonumbering so normal users will be back in the low 100s? I know this appears…
Mike Purcell
  • 1,708
  • 7
  • 32
  • 54
8
votes
1 answer

PowerShell DSC Group Resource - "Could not find a principal with the provided name"

I am trying to use PowerShell DSC to add a domain group to the local administrators group. Here is the code: Configuration TestSetup { Node localhost { Group Administrators { GroupName = "Administrators" …
Richard
  • 836
  • 2
  • 8
  • 21
8
votes
3 answers

Share screen session with users in the same group (Linux)

I can create a detached screen session using the following command: [user1@host-pc ~]$ screen -d -m -S sname program ...and resume to it using this command: [user1@host-pc ~]$ screen -r sname Is there a way to let users that are in the same group…
johndir
  • 305
  • 1
  • 5
  • 9
7
votes
1 answer

In what ways can access token update be triggered for administrator accounts on workstations?

This scenario emerged when changing the domain group membership that bestows membership in BUILTIN\Administrators. In particular, the group membership for the administrator did not update on the workstation until the administrator signed in to the…
alx9r
  • 1,643
  • 3
  • 17
  • 38
7
votes
1 answer

Granting Domain Admin privileges to a cross-forest user account?

Does anyone know of a way to [effectively] have a user or group in one forest acquire the privileges of the Domain Admin group in another forest? The obvious approach of adding Domain Admins@OneForest into Domain Admins@OtherForest isn't an option,…
HopelessN00b
  • 53,795
  • 33
  • 135
  • 209
7
votes
2 answers

In LDAP is it best to nest groups under organizational units or create an organization unit directly under the root dn just for groups?

I'm not sure whether it's better to nest groups under each of my organizational units or to make an organization unit directly under the root DN just for groups. Is one considered best practice over the other? I want to keep my configuration as…
Jeff
  • 496
  • 3
  • 10
7
votes
2 answers

Still confused by Permissions - linux, nginx, php-fpm

I have read the canonical answer at What permissions should my website files/folders have on a Linux webserver? However I'm still stuck. My setup is: A developer user 'ade' who owns the directories and files that comprise a website The server is…
Ade
  • 699
  • 3
  • 10
  • 21
7
votes
2 answers

Windows 7 "Cryptographic Operators"

This TechNet blog states that: Cryptographic Operators: FIPS 140-2 defines a “Crypto Officer” role, which is represented by the Cryptographic Operators group in Windows, first introduced in Windows Vista SP1. When the "System cryptography: Use…
Sadeq Dousti
  • 463
  • 7
  • 11
7
votes
5 answers

AD group membership changes not reflected in winbind information

I have inherited several RHEL5 servers that were set up to authenticate users against their AD accounts via winbind. Everything works fine until I update group membership in AD. For some users, the changes never make it to the output of the…
Peter Lubans
7
votes
2 answers

Is it ok to add users to the 'apache' group?

Are there any significant security concerns about adding users to the apache group? I am a programmer and I need access to all the files/directories in httpdocs - is there anything wrong with adding my user to that group?
doub1ejack
  • 567
  • 1
  • 6
  • 12
7
votes
4 answers

Preventing 'Reply-All' to Exchange Distribution Groups

This is another question in a short series regarding a challenging Exchange project my co-workers have been asked to implement. (I'm helping even though I'm primarily a Unix guy because I volunteered to learn powershell and implement as much of the…
Larold
  • 812
  • 4
  • 13
  • 21
7
votes
3 answers

What is the `shadow` group used for?

On my Ubuntu 9.10 system, there's a shadow system group. There does not appear to be any user assigned to this group at all. The only files that I can find belonging to this group are /etc/shadow and /etc/gshadow. I'm aware that the purpose of these…
Shtééf
  • 1,235
  • 3
  • 12
  • 19
7
votes
3 answers

How can I proxy multiple LDAP servers, and still have grouping of users on the proxy?

I have 2 problems that I'm hoping to find a common solution to. First, I need to find a way to have multiple LDAP servers (Windows AD's across multiple domains) feed into a single source for authentication. This is also needed to get applications…
Chris
6
votes
1 answer

How can I generate a list of the security groups a set of users belong to?

I have been asked to generate a list of the security groups (so specifically not the distribution groups) that a list of approximately 50 users belong to. I have a list of users, users.txt that contains each username on a new line. I want to…
NaOH
  • 411
  • 2
  • 10
  • 19
6
votes
1 answer

Directory with read and write for a user is permission denied, but fine with execute permissions

I have some weirdness with my users/permissions. I currently have a user named world that has the groups world www-data admin. I have a directory at /var/abc which has the permissions 0644 or rw-r--r--, the ownership of that directory is…
tarnfeld
  • 471
  • 2
  • 7
  • 13
1 2
3
30 31