That troublemaker again (replace domain logons =, domain master=)

Andrew Bartlett abartlet at
Sun Nov 11 22:07:02 GMT 2001

Tim Potter wrote:
> On Mon, Nov 12, 2001 at 04:37:49PM +1100, Andrew Bartlett wrote:
> [stuff deleted]
> > It should decrese the overhead, becouse the option is clear.  No more
> > 'domain logons = pdc, but not if domain master = no, then its a bdc'
> > kind of stuff.
> >
> > Table:
> >                    PDC        BDC       Standalone (also member)     DMB
> > domain master =     Y          N                 N                    Y
> > domain logons =     Y          Y                 N                    N
> There's at least one other entry that needs to go in this table:
>   encrypt passwords = Y          Y                Y/N                  Y/N

And enforcing this would reduce the number of bug reports, because the
error messages you get are not exactly helpful...

> > > > If sombody can show a sane way to implement backward-compatablity on
> > > > this, I'll be happy to see it.  It just seemed like it would a little
> > > > too messy.  We will see.
> > >
> > > I'll need to understand it more and think some.
> An easy way of doing this is to add the 'server role' parameter and keep
> all the other random browsing related ones.  By setting 'server role'
> you are implicitly setting the values of other ones as per the above
> table.
> You may have to worry about the order of the parameters in the smb.conf
> file.  Or maybe not.

I'm fine with this, as long as we kill the dependence on security=
(which this will do).  It just seemed that others wanted to remove some
parameters as well, so I put my head above the trenches and waited for
the incoming lead.

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at

More information about the samba-technical mailing list