[Samba] ntconfig.pol not even being loaded

Tim Bates tin at new-life.org.au
Thu Dec 20 22:26:36 GMT 2007 

Yep.
As it turns out, it does load for some users now. It wasn't before, but 
a few of the newer users have started getting things applied.
I'm planning to do a new policy file from scratch and see what happens. 
I have a feeling it's just a messed up policy file.

TB

Adam Williams wrote:
> did you name it NTConfig.POL and put it in /samba/netlogon
>
> and only 2000-Vista clients will load that.  for win 95/98 clients I 
> think it needs to be called Config.POL.
>
> Tim Bates wrote:
>> At one site I support, I have just recently put a policy file on their
>> server to try and make some stuff easier to manage. Only problem is
>> Windows is not even trying to load it. I watched the traffic in
>> Wireshark, and there's no request for the ntconfig.pol file at all. And
>> of course nothing from it is being applied.
>> I had read that this can happen if someone has set the policy refresh
>> settings to never refresh (or manually or whatever it is), but I have
>> checked this and tried with a newly installed Windows machine, and it
>> still doesn't work.
>>
>> Is there some special setting I am missing? What is the bare minimum for
>> ntconfig.pol to apply? What should the netlogon share definition look 
>> like?
>>
>> Global config options that seem relevent are:
>> [global]
>>   workgroup = CRDC
>>   domain master = yes
>>   prefered master = yes
>>   domain logons = yes
>>   logon path = \\%L\profiles\%U
>>   logon script = logon.bat
>>   dns proxy = no
>>   name resolve order = lmhosts host wins bcast
>>   security = user
>>   guest account = nobody
>>   encrypt passwords = true
>>   passdb backend = tdbsam
>>   obey pam restrictions = yes
>>   unix password sync = yes
>>   passwd program = /usr/bin/passwd %u
>>   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
>> *Retype\snew\sUNIX\spassword:* %n\n .
>>   pam password change = yes
>>   socket options = TCP_NODELAY
>>
>>
>> The share definition looks like this:
>> [netlogon]
>>   comment = Network Logon Service
>>   path = /samba/netlogon
>>   guest ok = no
>>   writable = yes
>>   browsable = no
>>   write list = mwheeler, tin, root
>>
>>
>>
>> TB
>>
>
>

More information about the samba mailing list