Configuring RHEL servers to authenticate with Windows Server 2008Active Directory
Dave Ihnat
ignatz at dminet.com
Wed Jan 27 15:26:05 UTC 2010
On Wed, Jan 27, 2010 at 10:00:28AM -0500, m.roth at 5-cent.us wrote:
> I *loathe* that - it's a Redhat-ism, creating one group/user.
I don't think so; I distinctly recall it as the default on AT&T Unix
systems from the earliest days.
> Your linux users should all be in appropriate groups; otherwise,
> permission for shared directories, etc, will be a nightmare.
Not at all. Give each user their own group, and *explicitly* have to
add them as members of groups to which they should have rights.
I loathe the idea of putting all users in the same group by default, as
some distros of both Unix and Linux do. That's creating a security
weakness _by default_.
> How 'bout creating groups per team, which is the way it should be?
Of course. But addition of accounts to such groups should not be the
default action of the system administration tools.
Cheers,
--
Dave Ihnat
ignatz at dminet.com
More information about the redhat-list
mailing list