AW: [Samba] Disabling Machine Account password change
Stumpfl Markus
htl.traun.kustos at eduhi.at
Thu Mar 11 06:46:19 GMT 2004
Hi,
what you could try (I've set it that way and works fine - for now ;-)):
open 'gpedit.msc'
\Computerconfiguration\Windows Settings\Security Settings\Local
Settings\Security Options\Domain Member: Maximum Age of Computer
Passwords
set that to 999 (maximum). So you should be fine for some time...
Normally in Windows if you set something like that to 0, than it would
be disabled and the Computer-Password would be never reset but because
Samba handles that otherwise... (at least what I know of)
Markus
> -----Ursprüngliche Nachricht-----
> Von: samba-bounces+htl.traun.kustos=eduhi.at at lists.samba.org
> [mailto:samba-bounces+htl.traun.kustos=eduhi.at at lists.samba.org] Im
> Auftrag von Matthieu Le Corre
> Gesendet: Mittwoch, 10. März 2004 18:09
> An: samba at lists.samba.org
> Betreff: Re: [Samba] Disabling Machine Account password change
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Le mercredi 10 Mars 2004 16:39, Florian Thiel a écrit :
> > Hello!
>
> Hello ...
> i think i've the same problem ....
>
> >
> > We have a school environment with Debian servers and Win2K clients.
> > There are about 700 clients and 30 servers. There is piece of
hardware
> > installed on all clients the resets the changes made to the local
disk
> > at reboot.
>
> we are working with disk image ..but the problem is the same !
>
>
> >
> > This seems to be a problem with Win2K changing machine account
passwords
> > every 30 days (according to MSDN). The server saves the password,
the
> > client resets it and domain logon is impossible ever after.
>
> can you give me the URL reference where you see it ! i'm interested on
the
> subject !
>
>
>
> >
> > Now I want to disable this password changing. It is possible with a
> > Windows PDC using group policy (at least that's what Windows Admins
told
> > me). I found for Samba it's hardcoded in the sources. Would it be
> > possible to make that an option for smb.conf? I'm not a C
programming
> > professional so I'm afraid of hacking the Samba source (especially
with
> no
> > similiar examples in the sources).
> >
> > Is there someone working on that kind of thing or are there any
> > implications I do not know about?
>
> Can you give me the location on the source where you see that
>
> mayby i've two solution ...
> 1) juste backup the old passwd on your samba server en reinject it
every
> night
> 2) a more clean ways to do :P : use gpedit.msc on your win2k
workstation
> ( mmc componant) go to "windows parameter" "security setting" "local
> policies" "security options" and enable " prevent system maintenance
of
> computer account password " .....
> not sur of the result ... but you can try ;)
>
>
>
> >
> > Thanks in advance,
> > Florian
> > --
> > Florian Thiel - Medienzentrum Kassel
> > Systembetreuung Internet- und Kommunikationstechnik
> > Kasseler Schulen am Netz - http://www.medienzentrum-kassel.de
>
> - --
> Matthieu Le Corre
> ------------------------------
> CIE -- UFR sciences
> Université de Nantes
> 02-51-12-58-65
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
>
> iD8DBQFAT0vDHj6Gj+ly9W4RAhjvAKDpvk2ygntMitwmbAvKcE7NtRGE7QCfahSG
> MwlbQ+Wrue8E5KXaa36y0xs=
> =XKFR
> -----END PGP SIGNATURE-----
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list