Login to domains
Samuel Liddicott
sam at campbellsci.co.uk
Mon May 24 08:14:46 GMT 1999
> -----Original Message-----
> From: samba-ntdom at samba.org [mailto:samba-ntdom at samba.org]On Behalf Of
> Matthew Enger
> Sent: 24 May 1999 05:03
> To: Multiple recipients of list
> Subject: Login to domains
>
>
> Hello,
> At school we run a samba server (2.0.4b) providing domain logins
> for approx 150 computers. Where we are having a problem.
>
> When a student comes to login, they can login bypass the domain
> login secuirty by loging in as anyone with any password as long as the
> domain is not the domain controled by the domain controler.
>
> Anyone know why this is happening and how we can stop it? Does it
> have anything to do with samba? I have encolsed a copy of the samba config
> of our PDC below.
You ought to create a config.pol file (using policy editor) and set so that
each win95 PC loads policy's on login. Most policy's will only take effect
on the *next* reboot, but once each PC has done that you will be safe.
The policy setting you need is under DEFAULT COMPUTER, LOGON, REQUIRE
VALIDATION BY NETWORK FOR WINDOWS ACCESS which corresponds to this registry
key:
HKLM\Network\Logon\MustBeValidated=dword(1)
Warning; if the server breaks or the network breaks you can only run windows
in safe mode.
Sam
More information about the samba-ntdom
mailing list