lee.taylor at scania.co.za
Mon Dec 13 08:47:28 GMT 1999
Great Idea ... and interesting times are here to stay ...
----- Original Message -----
From: Luke Kenneth Casson Leighton <lkcl at samba.org>
To: Multiple recipients of list SAMBA-NTDOM <samba-ntdom at samba.org>
Sent: Sunday, December 12, 1999 10:51 PM
Subject: MSRPC daemons
> just when you thought it was safe to do a cvs update, another cvs commit
> hits the tree.
> the first pass now has the following MSRPC services as separate daemons:
> samr - samrd
> lsarpc - lsarpcd
> srvsvc - srvsvcd
> wkssvc - wkssvcd
> spoolss - spoolssd
> NETLOGON - netlogond
> browser - browserd
> svcctl - svcctld
> winreg - winregd
> and guess what? if you don't want to run any of these services... YOU
> DON'T HAVE TO!
> however, if you want a minimum level of pdc support, you are going to
> lsarpcd, srvsvcd, wkssvcd, netlogond.
> if you want to be able to either change user passwords (NT-style) or run
> usrmgr.exe or srvmgr.exe, you are going to need:
> winregd and samrd.
> if you just want samba as a member of a domain that does NOT support local
> accounts, i don't think you need any of these msrpc services, i'd be
> interested to see if people agree with this initial assessement.
> if you want samba to be "browseable" in the network neighbourhood, you are
> going to need:
> wkssvcd and srvsvcd.
> this configuration setup may change. in fact, i guarantee that it will.
> one of the things that i wish to do is to ensure that smbd does not need
> _any_ of the smb password database API calls, directly, it goes through
> \PIPE\NETLOGON or \PIPE\lsarpc or \PIPE\samr to verify user account
> information. apart from anything, direct verification of smb file access
> using the password database API (getsmbpwnam etc) is wrong, as this
> excludes trusted domains and your pdc.
> so, a minimum requirement at some future point may be to run at least the
> we live in interesting times!
> luke (samba team)
> p.s i'm back on samba-technical.
More information about the samba-ntdom