[Samba] Security Question: passwordless machine accounts
Sean Noonan
snoonan at snoonan.com
Tue Nov 5 16:21:01 GMT 2002
Hi folks,
Finally got Samba up and running after many oplock issues and I'm very
pleased. One "detail" left that bothers me. I'm running FreeBSD 4.7-STABLE
on our PDC and every night I'm (root) is emailed a security report. Among
the items reported is:
Checking for passwordless accounts:
.
.
CLIENT01$::1134:1134::0:0:Machine CLIENT01:/dev/null:/sbin/nologin
.
Should I be telling myself this is okay, since it's mitigated by using the
/sbin/nologin shell? Since the machine has already successfully joined the
domain can I now just assign the machine a password? Won't that break the
trust relationship already setup? Can anything be done, or should I just
shrug this one off?
Thanks in advance,
Sean
More information about the samba
mailing list