[Samba] Samba PDC and MSN Messenger
Marcel Kunath
kunathma at pilot.msu.edu
Thu Feb 21 13:52:50 GMT 2002
Hello,
I run a Samba 2.2.3a server with XP clients successfully. I am aware of the
fact that XP
restricts access to some of its users (local) in regards to some programs. I am
unsure which
programs these are but MSN Messenger might be one of them. I think I heard
guest users are
not allowed to use MSN Messenger under XP by default.
Now I have trouble to get MSN Messenger to start under XP for certain users:
Administrator (local) can start MSN Messenger.
marcel (domain user and domain admin group member) can start MSN Messenger.
anna (domain user) cannot start MSN Messenger.
guest (guest domain user) cannot start MSN Messenger.
I have had a look at the registry options, the file executable permissions, the
local
security policies set on the XP machine and web sites but I cannot find a way
to give access
to all user for MSN Messenger or another messaging service like Yahoo Pager.
I included some data I have collected from my setup at the end of the email.
(Note: domain user 'marcel' is in the group "ntadmin" and I could add all my
other users to
this group to make them able to start MSN Messenger but I would remove any
security and file
protections from the XP machine therefore since all users then become
administrators.)
Thanks for the help,
Marcel
Permissions on local box:
c:\program files\messenger\msmsgsin.exe:
administrator(local/administrators) full
everyone read/execute, read
power users (local/power users) modify,read/execute,read,write
system full
users (local/users) read/execute,read
c:\program files\messenger\msmsgs.exe:
administrator(local/administrators) full
everyone read/execute, read
power users (local/power users) modify,read/execute,read,write
system full
users (local/users) read/execute,read
C:\Documents and Settings\All Users\Start Menu\Programs\windows messenger: (a
shortcut)
target: "C:\Program Files\Messenger\msmsgs.exe"
start in: %HOMEDRIVE%%HOMEPATH%
administrator(local/administrators) full
everyone read/execute, read
power users (local/power users) modify,read/execute,read,write
system full
users (local/users) read/execute,read
Local Security Policy:
Network access: Let Everyone permissions apply to anonymous users. ENABLED
registry entries for hkey_local_machine/software/microsoft/messenger_service
have been
untouched.
# cat /etc/samba/smb.conf
[global]
workgroup = MYWORKGROUP
netbios name = MAIL
server string = Samba %v on %L
interfaces = 192.168.1.1/24 127.0.0.0/24
encrypt passwords = Yes
update encrypted = Yes
null passwords = Yes
passwd program = /usr/bin/passwd %u
passwd chat debug = Yes
unix password sync = Yes
log file = /var/log/samba-log.%m
time server = Yes
keepalive = 30
domain admin group = @ntadmin
logon script = %U.bat
logon path = \\%L\profiles\%U
logon drive = z:
domain logons = Yes
os level = 33
preferred master = True
domain master = True
kernel oplocks = No
guest account = guest
hosts allow = 192.168.1., 127.
printing = lprng
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
lppause command = /usr/sbin/lpc hold %p %j
lpresume command = /usr/sbin/lpc release %p %j
queuepause command = /usr/sbin/lpc -P%p stop
queueresume command = /usr/sbin/lpc -P%p start
browseable = No
[homes]
comment = %U Home Directory
read only = No
veto files = /.?*/
[netlogon]
comment = The Domain Logon Service
path = /etc/samba/logon
[profiles]
comment = NT Profile Storage
path = /home/ntprofiles
read only = No
# groups marcel
marcel : users ntadmin
# groups anna
anna : users
# groups guest
guest : guest
More information about the samba
mailing list