Summary

[Gerald W. Carter]

Nuno Loureiro wrote:
> 
> 
> 1 - To use policies I had to put netlogon/ntconfig.pol and
> ntconfig.pol.LOG mode 777. If I use other mode on the files the policies
> won't work. Also, the policies problem is a kind'of complicated, because
> to NT there is no USER neither groups on the Domain. I used the Default
> Policy all the users and individual policies for each one of the admins.
> Well, this is working, but netlogon/ntconfig.* world writable is a
> security problem. Is there a way to contorn this?

I configured a manaul update on my NT 4.0 clients with no problem.  Both
ntconfig.pol and ntconfig.pol.LOG have permission 644.  Also you can
manually add a username.  NT does not attempt to verify that it is a
valid one.  You are correct that there are no groups.

> 
> 2 - I tryed to share a dir on a workstation, to everyone (the only
> possibility), but from another workstation I can't mount it *sometimes*.

> 3 - the preexec option to log user's logins and logouts doesn't work for
> me. Dunno why..

Can you run your preexec script manually as the common user?  A common
problem I have seen is that the script cannot be read / executed by a
normal user or is trying to something that a normal user cannot do.

If you are referring to you root preexec / postexec commands in [homes],
have you tried putting the command in a script and calling the script
instead?

j-
________________________________________________________________________
                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at eng.auburn.edu             http://www.eng.auburn.edu/users/cartegw

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )