[Samba] ntconfig.pol not even being loaded
Adam Williams
awilliam at mdah.state.ms.us
Thu Dec 20 15:28:54 GMT 2007
did you name it NTConfig.POL and put it in /samba/netlogon
and only 2000-Vista clients will load that. for win 95/98 clients I
think it needs to be called Config.POL.
Tim Bates wrote:
> At one site I support, I have just recently put a policy file on their
> server to try and make some stuff easier to manage. Only problem is
> Windows is not even trying to load it. I watched the traffic in
> Wireshark, and there's no request for the ntconfig.pol file at all. And
> of course nothing from it is being applied.
> I had read that this can happen if someone has set the policy refresh
> settings to never refresh (or manually or whatever it is), but I have
> checked this and tried with a newly installed Windows machine, and it
> still doesn't work.
>
> Is there some special setting I am missing? What is the bare minimum for
> ntconfig.pol to apply? What should the netlogon share definition look
> like?
>
> Global config options that seem relevent are:
> [global]
> workgroup = CRDC
> domain master = yes
> prefered master = yes
> domain logons = yes
> logon path = \\%L\profiles\%U
> logon script = logon.bat
> dns proxy = no
> name resolve order = lmhosts host wins bcast
> security = user
> guest account = nobody
> encrypt passwords = true
> passdb backend = tdbsam
> obey pam restrictions = yes
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n .
> pam password change = yes
> socket options = TCP_NODELAY
>
>
> The share definition looks like this:
> [netlogon]
> comment = Network Logon Service
> path = /samba/netlogon
> guest ok = no
> writable = yes
> browsable = no
> write list = mwheeler, tin, root
>
>
>
> TB
>
More information about the samba
mailing list