NetLogon Service

Mayers, P J p.mayers at ic.ac.uk
Fri Mar 3 17:18:58 GMT 2000 

Erm... What? I'm really confused now. Is the machine meant to be a PDC, BDC
or just a server? "server = domain" (and yes, it is a badly named parameter
dammit, but we've been through this discussion a million times, and I see no
need to repeat it) makes the samba server a domain *member*.

server = security
domain logons = yes
local master = yes

make it a PDC, and the same with

local master = no

Make it a BDC, but that only kind-of works IIRC.

<Note: I don't use the BDC stuff, and I could be wrong about this>

So what are you trying to do? A security=domain machine will never serve
logon requests because it's a domain member, hence the netlogon share issue
isn't an issue...

Wait...

Reading your original email implies that you *know* you're using it as a
domain member, but also:

> currently using 2.05 as a member of an NT domain, with security = domain,
to
> process domain logons for a handful of Win95 machines.  The current setup

That certainly shouldn't work - what's your complete smb.conf? Are you sure
that the samba server is actually the one serving the logon requests? It
shouldn't be in security=domain.

Cheers,
Phil

=====================

The world is divided into two kinds of people, those who divide the world
into two kinds of people, and those who don't... 

-----Original Message-----
From: Brian Keats [mailto:bkeats at spiff.chin.gc.ca]
Sent: Friday, March 03, 2000 4:39 PM
To: Multiple recipients of list SAMBA-NTDOM
Subject: Fwd: Re: NetLogon Service



First, allow me thank all of you who have taken the time to reply to my
original post.  I appreciated your suggestions ....

(Did I mention I'm using secuity = domain ?)

> It probably doesn't, so all you have to do is configure your 'logon
script'
> to point to the NT server where the scripts are held...easy...
> 
> Same for roaming profiles dir, etc.
> 
> Just ask the local NT admin what you have to set it to for the domain your
> linux box is a member of.

I think I might have tried to do this, but I'll try again.
 
> > Not to
> > mention how do I specify the correct batch if the NT domain guys are not
> > using something that can be substituted by a samba variable.  Such as
some
> > NT admins using a one of many geographically abbrev. for a batch
> > file. How would
> > that be represented in an smb.conf file ?
> 
> Could you give me an example?
(See below...)
 
> > Sorry for rambling on but I was curious if a newer samba version passes
> > along the name of the batch file to the authenticating machine (i.e the
> > Linux box) who in turn would check it's netlogon share and then pass
along
> > the appropriate batch file.
> 
> Some stuff to try:
> 
> logon script = %U.bat

I'm assuming this would work if the NT guys have named the batch file for my
NT
account to be my username.bat.  What if they have been using something like
(for users located in one part of the city) '\west\corporate\users.bat' for
some users in there domains and other stuff like
'\east\marketing\manager.bat`
for other users in the same domain, etc... 

or would %U expand to '\west\corporate\users'.bat for a user named foo whom
had
this path and filename configured in the "User Manager for Domains" ?

I'll give that one a try.


 > logon drive = H:
> logon home = \\ntserver\homes\%U
> logon path = \\ntserver\profiles\%U
> 
> This, of course, will have to be set to the correct location of the files
on
> the ntserver (an example would help me here)

I'm not interested at this point in roaming profiles (although a good idea)
but
I see where you're going.  I believe they have the various logon batch files
sub divided by region and division or something to that nature.  Some are
named
common, others are named common1 others are named other things.  I'm not
sure
if there is any consistentcy to their naming schemes !

Here is a fictious example of an entry in the "User Manager for Domains" (I
think this is the NT application which manages this kinda thing. It's been a
year or two since I've last used an NT machine and I can't rightfully recall
what the application is called or what fields are contained in the
application)

User: Foo
Logon Script Name: west\admin\startup.bat

User: Bar
Logon Script Name: east\corporate\common.bat



  >  > L8r, > 
> Chris
-------------------------------------------------------

More information about the samba-ntdom mailing list