ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must also be set to 'true'
Steve Langasek
vorlon at netexpress.net
Tue Jul 9 13:32:04 GMT 2002
On Tue, Jul 09, 2002 at 03:57:02PM -0400, David Collier-Brown wrote:
> Steve Langasek wrote:
> > Playing with my smb.conf on a new server (2.2.5), I noticed that the
> > 'security=domain' and 'encrypt passwords=yes' parameters are somewhat
> > redundant.
> I owe the team a set of self-check code for options
> that can contradict each other... I just finished
> some book stuff last week, so maybe Real Soon Now (;-))
Ah, cool. :)
One other thing I noticed while digging around was the current
description of 'preferred master':
This boolean parameter controls if nmbd(8)is a pre
ferred master browser for its workgroup.
If this is set to true, on startup, nmbd will force
an election, and it will have a slight advantage in
winning the election. It is recommended that this
parameter is used in conjunction with domain mas
ter = yes, so that nmbd can guarantee becoming a
domain master.
Use this option with caution, because if there are
several hosts (whether Samba servers, Windows 95 or
NT) that are preferred master browsers on the same
subnet, they will each periodically and continu
ously attempt to become the local master browser.
This will result in unnecessary broadcast traffic
and reduced browsing capabilities.
See also os level .
Default: preferred master = auto
A glance at the source confirms my suspicion that 'preferred master = auto'
depends on the value of 'domain master', but this doesn't make any sense
to me: 'preferred master' affects LMB elections, whereas 'domain master'
is used to make the server the DMB (PDC) for the workgroup (domain).
Aren't local master browsers and domain master browsers orthogonal?
This has always been my understanding -- and indeed, I've been running a
network with a non-LMB PDC for quite some time, with no adverse effects
that I was aware of! Is it time for me to change this?
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020709/627a2342/attachment.bin
More information about the samba-technical
mailing list