[Samba] Having a problem ...

Gerald (Jerry) Carter jerry at samba.org
Wed Jan 29 19:05:13 GMT 2003

Hash: SHA1

On Thu, 23 Jan 2003, Eric Stewart wrote:

> 	Running a Windows 2000 domain; recently we've made some security
> changes to deny anonymous users from being able to get at our user list.
> It would appear that one of my Domain Controllers hadn't been rebooted
> after that security change, and now that it has been rebooted, I can't
> mount smb shares off of one of our if the security setting is in place.
> 	On a Windows 2000 Domain Controller as a domain admin, go to
> "Start" -> "Programs" -> "Administrative Tools" and look at "Domain
> Controller Security Policy".  In that, look at "Windows Settings" -
> "Security Settings" - "Account Policies" - "Kerberos Policy" - "Enforce
> User Logon Restrictions".  With that enabled (and after a reboot), domain
> controllers won't apparently allow anonymous connections to validate (at
> least, not the way Samba does it).

See the "wbinfo -A" option in the man page.  This is probably what you 

cheers, jerry
 Hewlett-Packard            ------------------------- http://www.hp.com
 SAMBA Team                 ---------------------- http://www.samba.org
 GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
 "You can never go home again, Oatman, but I guess you can shop there."  
                            --John Cusack - "Grosse Point Blank" (1997)

Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/


More information about the samba mailing list