New Microsoft Knowledgebase article

Greg Dickie greg at discreet.com
Wed Jan 12 19:18:03 GMT 2000 

Thank-you Martin, I'm impressed. Glad to see some of you Redmond guys actually
take this seriously.


Greg

On 12-Jan-00 Martin Kuhne wrote:
> Thanks for the feedback. That's the proposed change:
> 
> CAUSE
> =====
> 
> When adding a Samba server configured as Primary Domain Controller to an
> existing Windows NT domain, there will be two PDCs in this domain. This is
> not allowed in Windows NT.
> 
> RESOLUTION
> ==========
> 
> To restore PDC functionality, take the Samba server off the network and
> restart the netlogon service on the original Windows NT PDC. 
> 
> To resolve this problem, disable the domain controller functionality on the
> Samba server. This can be done by changing the following values in the Samba
> configuration file (smb.conf):
> domain master = no
> preferred master = no
> domain logons = no
> 
> For further information, please refer to the product documentation or to the
> manufacturer's web site (http://www.samba.org)
> 
> MORE INFORMATION
> ================
> 
> SAMBA is a third-party implementation of the SMB networking protocol used by
> Windows NT.
> <third party product information boilerplate>
> 
> Regards,
> Martin
> Microsoft GmbH
> 
> -----Original Message-----
> From: Luke Kenneth Casson Leighton [mailto:lkcl at samba.org]
> Sent: Mittwoch, 12. Januar 2000 16:41
> To: Martin Kuhne
> Cc: Multiple recipients of list SAMBA-NTDOM
> Subject: RE: New Microsoft Knowledgebase article
> 
> 
> On Thu, 13 Jan 2000, Martin Kuhne wrote:
> 
>> I'm afraid what you wrote will be hard to get published.
> 
> yeah, it will a bit.
> 
>> Does anyone have a practical suggestion on how to instruct an
> inexperienced
>> administrator to disable PDC functionality in Samba?
> 
> "domain logons = no" to disable BDC / PDC functionality (NETLOGON)
> 
> this stops samba registering DOMAIN<1c> internet group name, and from
> answering SAMLOGON, GETDC requests.
> 
> 
> "domain master = no" to disable PDC / DMB functionality.
>  
> this stops samba registering DOMAIN<1c> pdc unique name.
> 
> 
> these are the defaults, so anyone who enables them on an existing domain
> clearly _doesn't_ know what they are doing.
> 
> 
> alternatively, they can move the Samba Server to a different workgroup /
> domain, which is a [good] suggestion of one of your other KB articles.
> 
> thx for responding, martin.
> 
> luke
> 
>> Regards,
>> Martin
>> Microsoft GmbH
>> 
>> -----Original Message-----
>> From: Karl Denninger [mailto:karl at Denninger.Net]
>> Sent: Mittwoch, 12. Januar 2000 01:39
>> To: Multiple recipients of list SAMBA-NTDOM
>> Subject: Re: New Microsoft Knowledgebase article
>> 
>> 
>> Cute.
>> 
>> "Turn off the Samba server".
>> 
>> How about:
>> 
>>      Format your disks, install Linux or FreeBSD, and tell Microsoft to
>>      go fuck themselves with a football - preferrably to the same
>>      regional sales force that sold you the NT crapware in the first
>>      place?
>> 
>> I hate corporate arrogance - especially this kind of arrogance.
>> 
>> This kind of bullshit is PRECISELY what the US DOJ was after when they
> threw
>> the whole library (instead of one book) at Microsoft.
>> 
>> --
>> -- 
>> Karl Denninger (karl at denninger.net)  Web: http://childrens-justice.org
>> Isn't it time we started putting KIDS first?  See the above URL for
>> a plan to do exactly that!
>> 
>> 
>> On Wed, Jan 12, 2000 at 11:30:32AM +1100, Larry Blunk wrote:
>> >   I just ran across the following article in
>> > Microsoft's Knowledbase.  See the following URL:
>> > http://support.microsoft.com/support/kb/articles/Q250/2/63.ASP.
>> >  Anyone know what this is about?
>> > __________________________________________________
>> > Do You Yahoo!?
>> > Talk to your friends online with Yahoo! Messenger.
>> > http://im.yahoo.com
>> 
> 
> <a href="mailto:lkcl at samba.org"   > Luke Kenneth Casson Leighton    </a>
> <a href="http://www.cb1.com/~lkcl"> Samba and Network Development   </a>
> <a href="http://samba.org"        > Samba Web site                  </a>
> <a href="http://www.iss.net"      > Internet Security Systems, Inc. </a>
> <a href="http://mcp.com"          > Macmillan Technical Publishing  </a>
> 
>  ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals

---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet (the logic is gone)
Montreal 
(514) 954-7171
greg at discreet.com

More information about the samba-ntdom mailing list