Wrong domain is not checked ?

Diego Cimarosa dcimaro at ipruniv.cce.unipr.it
Tue Feb 23 11:14:51 GMT 1999

Hi all,

I am quite new with Samba and, after many and many hours spent reading docs
and HOWTOs etc. I haven't resolved my problem yet.

Can anybody help me ?

(Domain blues ...  start here !)

I have a network of 25 PCs running Windows98, 1 PC running Linux Red Hat 5.2
and samba-2.0.2-19990209 as NT server. My goal is to prevent access to
the machines without a proper account authentication.

If, during Windows98 login, I enter the domain specified in smb.conf
EVERYTHING works fine (the user must be a registered user, the password is
checked correctly, I can browse from windows clients and share directory on
linux box ... ) BUT, any other domain name IS NOT CHECKED !!! And, for
example, I can access with : User : goffy, Password : goffy, Domain :
waltdisney ...


This is my configuration ...

On "Microsoft Network" I have :

Primary access => Client for Microsoft Network
Client for Microsoft Network => Validation of access => Windows NT Domain
Identification => Workgroup name=mydomain

With poledit.exe I have :

local computer =>
         Logon =>
              Logon banner : standard poledit caption and text
              Require validation from network for Windows access
              Don't show last user at logon
              Don't show logon progress
        Microsoft Client for Windows Networks =>
              Log on to Windows NT => Domain name: mydomain
                                                            Workgroup     :

This is my smb.conf
#======================= Global Settings ==================================
debug level = 2
workgroup = mydomain
server string = Linux Red Hat - Samba Server
hosts allow = 160.x.y.z 127.
printcap name = /etc/printcap
load printers = yes
log file = /var/log/samba/log.%m
max log size = 500
security = user
encrypt passwords = yes
smb passwd file = /etc/smbpasswd
socket options = TCP_NODELAY
local master = yes
os level = 33

domain master = yes
domain logons = yes

logon script = %U.bat
name resolve order = wins lmhosts bcast
wins support = yes
dns proxy = no

   comment = Home Directories
   browseable = no
   writable = yes
   create mode = 0750
   comment = Network Logon Service
   path = /home/samba/netlogon
   writable = no
   share modes = no
   comment = Directory condivisa sul Server Linux
   path = /home/shared
   public = yes
   read only = no
   writable = yes
   comment = CDROM condiviso su Linux
   path = /cdrom
   public = yes
   read only = yes
   writable = no
#============================== END

(Domain blues ...  ENDS here !)

Any suggestion ?

Thanks and CIAO !

More information about the samba-ntdom mailing list