"security=domain" and workstation-specific NT accounts

Kevin Colby kevinc at grainsystems.com
Fri Mar 19 19:40:01 GMT 1999

We're running Samba 2.0.3 (today's tarball on the site)
under AIX 4.3.2, with an NT4SP3 PDC.  We've set "security=domain",
and this appears to be working fine--for the most part.

However, if we restrict a user via the NT PDC to only be allowed
to logon from a specific workstation, Samba refuses to share
to the user--even from that workstation.  It reports that the
PDC told it the user/password pair was invalid.

We tried listing the Samba server in the allowed workstations,
but that caused the PDC to start refusing all requests for
the NetBIOS name of the Samba server.  Samba wasn't even getting
the requests, and we had to remove the Samba server from the
domain and re-add him (It took ~1 _hour_ for the NT PDC to release
him!) before anything would work again at all.

Has anyone ever tried this or know anything about this?

	- Kevin Colby
	  kevinc at grainsystems.com

More information about the samba-ntdom mailing list