MSRPC daemons

S. Striker s.striker at striker.nl
Mon Dec 13 10:22:03 GMT 1999 

Hi there,

> Great Idea ... and interesting times are here to stay ...

Indeed they are. But if we are going to talk abouit interesting
times, you should read the book 'Interesting Times' by Terry Pratchett.
Guaranteed to get you to laugh.

Sander Striker

>
> ----- Original Message -----
> From: Luke Kenneth Casson Leighton <lkcl at samba.org>
> To: Multiple recipients of list SAMBA-NTDOM <samba-ntdom at samba.org>
> Sent: Sunday, December 12, 1999 10:51 PM
> Subject: MSRPC daemons
>
>
> > just when you thought it was safe to do a cvs update, another cvs commit
> > hits the tree.
> >
> > the first pass now has the following MSRPC services as separate daemons:
> >
> > samr - samrd
> > lsarpc - lsarpcd
> > srvsvc - srvsvcd
> > wkssvc - wkssvcd
> > spoolss - spoolssd
> > NETLOGON - netlogond
> > browser - browserd
> > svcctl - svcctld
> > winreg - winregd
> >
> > and guess what?  if you don't want to run any of these services... YOU
> > DON'T HAVE TO!
> >
> > however, if you want a minimum level of pdc support, you are going to
> > need:
> >
> > lsarpcd, srvsvcd, wkssvcd, netlogond.
> >
> > if you want to be able to either change user passwords (NT-style) or run
> > usrmgr.exe or srvmgr.exe, you are going to need:
> >
> > winregd and samrd.
> >
> > if you just want samba as a member of a domain that does NOT
> support local
> > accounts, i don't think you need any of these msrpc services, i'd be
> > interested to see if people agree with this initial assessement.
> >
> > if you want samba to be "browseable" in the network
> neighbourhood, you are
> > going to need:
> >
> > wkssvcd and srvsvcd.
> >
> >
> > this configuration setup may change.  in fact, i guarantee that it will.
> > one of the things that i wish to do is to ensure that smbd does not need
> > _any_ of the smb password database API calls, directly, it goes through
> > \PIPE\NETLOGON or \PIPE\lsarpc or \PIPE\samr to verify user account
> > information.  apart from anything, direct verification of smb
> file access
> > using the password database API (getsmbpwnam etc) is wrong, as this
> > excludes trusted domains and your pdc.
> >
> > so, a minimum requirement at some future point may be to run at
> least the
> > netlogond.
> >
> > we live in interesting times!
> >
> > luke (samba team)
> >
> > p.s i'm back on samba-technical.
> >
>
>

More information about the samba-ntdom mailing list