win2k joining Samba 2.2.2 PDC problems.

Martyn Ranyard ranyardm at lineone.net
Mon Dec 10 04:14:12 GMT 2001


At 12:05 PM 12/10/01 +0000, Phil Chambers wrote:
>When trying to join the client I used a username which is listed in my 
>"domain admin
>group" list.  Surely the point of this parameter is to provide non-root 
>access in
>just this situation.  The last thing I want to have to do is use my Unix root
>password to join a client to the domain!

Which is exactly what you need to do with NT (Administrator / Domain 
admin).  You need to be able to read and write the smb password file so you 
need to be root, or at least someone who has access to do that.  I agree, 
having root as an smb valid username is a security risk, but that's just 
the way these things work.

Martyn Ranyard





More information about the samba mailing list