Login to domains

Matthew Enger menger at dhs.org
Mon May 24 23:56:30 GMT 1999


Just checked, this option is already set.

On Mon, 24 May 1999, Samuel Liddicott wrote:

> Date: Mon, 24 May 1999 09:14:46 +0100
> From: Samuel Liddicott <sam at campbellsci.co.uk>
> To: menger at dhs.org, Multiple recipients of list <samba-ntdom at samba.org>
> Subject: RE: Login to domains
> 
> 
> 
> > -----Original Message-----
> > From: samba-ntdom at samba.org [mailto:samba-ntdom at samba.org]On Behalf Of
> > Matthew Enger
> > Sent: 24 May 1999 05:03
> > To: Multiple recipients of list
> > Subject: Login to domains
> >
> >
> > Hello,
> > 	At school we run a samba server (2.0.4b) providing domain logins
> > for approx 150 computers. Where we are having a problem.
> >
> > 	When a student comes to login, they can login bypass the domain
> > login secuirty by loging in as anyone with any password as long as the
> > domain is not the domain controled by the domain controler.
> >
> > 	Anyone know why this is happening and how we can stop it? Does it
> > have anything to do with samba? I have encolsed a copy of the samba config
> > of our PDC below.
> 
> You ought to create a config.pol file (using policy editor) and set so that
> each win95 PC loads policy's on login.  Most policy's will only take effect
> on the *next* reboot, but once each PC has done that you will be safe.
> 
> The policy setting you need is under DEFAULT COMPUTER, LOGON, REQUIRE
> VALIDATION BY NETWORK FOR WINDOWS ACCESS  which corresponds to this registry
> key:
> 
> HKLM\Network\Logon\MustBeValidated=dword(1)
> 
> Warning; if the server breaks or the network breaks you can only run windows
> in safe mode.
> 
> Sam
> 
> 



More information about the samba-ntdom mailing list