[Samba] Cannot lockout W2K users when SAMBA PDC is down

Hoferer, Patrick K. (Space Systems) Patrick.Hoferer at ngc.com
Fri Jan 2 21:20:10 GMT 2004

I have a SAMBA 2.2.8a PDC authenticating to a Sun One Directory Server. I
can lockout the user using the smbpasswd command with the "-d" option, but
local policies on my W2K client download (or create) a local profile once
authenticated. After that initial log the user has free reign of the system
even after the account is locked.

Has anyone else got around this problem? I was thinking that I will have to
create a logoff script that erases the profile in "Documents and Settings"
since the user cannot log in without their profile. There must be a better
way in local security policies though. I had tried to disable local login,
but that seems to completely lockout the user for the system which is a bad

Any suggestions?

Thanks in advanced,

More information about the samba mailing list