[LBo] how to control the privilege of groups/users
Stefan Waidele
Stefan at Waidele.info
Wed Jan 3 11:58:44 CET 2007
Emen Zhao schrieb:
> [...]
> For example, I want a user can create new users and has full privilege for
> those users he/she created, but cannot do anything to any other accounts.
I am not sure if this "multi-level" administration is implemented in any
OS. Maybe in Novell Netware, but I am not sure.
In Linux/Unix you would probably pick one of the following options:
1 You as admin take the chore and create users and groups as needed.
2 Using sudo, you grant permission to "sub-admins" to use the
commands needed. They could then access ALL groups and users, not just
"theirs".
3 If you have a big organization, you give one machine (root-access)
to each subadmin. They manage "their" users on "their" machines.
Company-wide stuff is handled by you on "your" machine.
4 You could implement item 3 using only one piece of hardware +
virtualization like VMserver.
With options 2 - 4, the question is if it really means less work than
option 1...
Sorry,
Stefan
--
http://LinuxBasics.org http://Krone-Neuenburg.com
http://Stefan.Waidele.info http://sl.stots.de
More information about the QnA
mailing list