[Samba] ntconfig.pol not even being loaded
tin at new-life.org.au
Thu Dec 20 22:26:36 GMT 2007
As it turns out, it does load for some users now. It wasn't before, but
a few of the newer users have started getting things applied.
I'm planning to do a new policy file from scratch and see what happens.
I have a feeling it's just a messed up policy file.
Adam Williams wrote:
> did you name it NTConfig.POL and put it in /samba/netlogon
> and only 2000-Vista clients will load that. for win 95/98 clients I
> think it needs to be called Config.POL.
> Tim Bates wrote:
>> At one site I support, I have just recently put a policy file on their
>> server to try and make some stuff easier to manage. Only problem is
>> Windows is not even trying to load it. I watched the traffic in
>> Wireshark, and there's no request for the ntconfig.pol file at all. And
>> of course nothing from it is being applied.
>> I had read that this can happen if someone has set the policy refresh
>> settings to never refresh (or manually or whatever it is), but I have
>> checked this and tried with a newly installed Windows machine, and it
>> still doesn't work.
>> Is there some special setting I am missing? What is the bare minimum for
>> ntconfig.pol to apply? What should the netlogon share definition look
>> Global config options that seem relevent are:
>> workgroup = CRDC
>> domain master = yes
>> prefered master = yes
>> domain logons = yes
>> logon path = \\%L\profiles\%U
>> logon script = logon.bat
>> dns proxy = no
>> name resolve order = lmhosts host wins bcast
>> security = user
>> guest account = nobody
>> encrypt passwords = true
>> passdb backend = tdbsam
>> obey pam restrictions = yes
>> unix password sync = yes
>> passwd program = /usr/bin/passwd %u
>> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
>> *Retype\snew\sUNIX\spassword:* %n\n .
>> pam password change = yes
>> socket options = TCP_NODELAY
>> The share definition looks like this:
>> comment = Network Logon Service
>> path = /samba/netlogon
>> guest ok = no
>> writable = yes
>> browsable = no
>> write list = mwheeler, tin, root
More information about the samba