Win2K joining a Samba TNG 2.5 domain
Luke Kenneth Casson Leighton
lkcl at samba.org
Fri Apr 28 07:53:08 GMT 2000
On Fri, 28 Apr 2000, Richard Sharpe wrote:
> OK,
>
> I now have Win2K build 2128 joining a Samba TNG 2.5 domain ...
>
> When it does, it comes up with a dialog box prompting for a username and
> password on the domain that has privileges to join the domain or whatever.
>
> Is there any way to avoid this?
NOPE!!!! never will be.
using SRVMGR.EXE to join d toomains is potentially a serious security
risk, and microsoft FINALLY realised this.
especiallyy joining BDCs to a domain with SRVMGR.EXE, either there is a
small window of opportunity or thre is a fake-up-a-netbios-name-way, it
can be used to anonymously grab the entire SAM database.
they removed the BDC problem from nt5 by removing the concept of BDCs [you
can't *make* nt5 a BDC for an nt4 domain].
luke
More information about the samba-ntdom
mailing list