joining an M$ NT Server Domain with TNG
Paul J Collins
pjdc at eircom.net
Tue Aug 29 18:29:26 GMT 2000
>>>>> "Elrond" == Elrond <elrond at samba.org> writes:
Elrond> Yes, you need to know a user on the domain, that is
Elrond> allowed to create trust-accounts. If that isn't possible
Elrond> for you, go and bug Luke. ;)
Luke probably wanted it this way since creating a machine account and
then adding a domain member for that account at some undefined point
in the future is insecure; anyone could add a machine using that
account in the time it is stuck with its default password and hence
gain (admittedly limited) access to the domain. Doing it this way
makes the initial password change happen immediately, so that the
password is at its default value for as short a length of time as
possible.
--
Paul Collins <pjdc at eircom.net> - - - - - - - [ A&P,a&f ]
GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD
PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C
"Cover up and say goodnight... say goodnight."
More information about the samba-ntdom
mailing list