[Samba] Samba BDCs and machine trust account passwords

Gerald (Jerry) Carter jerry at samba.org
Fri Jan 17 16:08:04 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 16 Jan 2003, Mikko Kortelainen wrote:

> Here's (what I think is) the essential part from my SLAVE smb.conf:
> 
>   security = user
>   domain logons = yes
>   domain master = no
>   os level = 64
>   local master = yes
>   preferred master = yes
> 
> The MASTER configuration is the same except that the "domain master" is
> set to yes.
> 
> I've understood that the above configuration causes the workstations to
> send their password updates to the MASTER. Am I wrong? If I am, is there
> any way in 2.2.7 to correct this (either so that the workstations change
> their passwords directly with the master, or that the slave sends an
> update message to the master automatically). Or do I have to go to 3.0
> and LDAP? (which I'd rather not prefer, yet)

IIRC the client should contact the PDC (domain<0x1b>).  But can you check 
the logs and see if the clients are trying to change it on domain<0x1c> 
(any DC)?  Thanks.



jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQE+KCnMIR7qMdg1EfYRAqLgAJ9+pzlIMUa2DDvkmSvhjtXu8G3YAwCgqBju
QdXB2xcEpWxTkiRujLsaGao=
=eQ/v
-----END PGP SIGNATURE-----




More information about the samba mailing list