No subject


Fri Aug 20 08:29:19 MDT 2010


but I cannot interpret them), plus these three which definitely seem to
be relevant.

in post_reboot.txt2:

HKLM\SYSTEM\ControlSet001\Control\Lsa\Kerberos\Sidcache  
  "MachineSid"=hex:<data - not shown>
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETLOGON\0000\Control 
  "ActiveService"="NetLogon"
HKLM\SYSTEM\ControlSet001\Services\NetLogon "start"=dword:2

in pre_reboot.txt2:

HKLM\SYSTEM\ControlSet001\Control\Lsa\Kerberos\Sidcache 
  no "MachineSid" value
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETLOGON\0000\Control 
  "ActiveService"="Netlogon"
HKLM\SYSTEM\ControlSet001\Services\NetLogon "start"=dword:2

in before_join.txt2

HKLM\SYSTEM\ControlSet001\Control\Lsa\Kerberos\Sidcache 
  no "MachineSid" value
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NETLOGON\0000\Control 
  no "ActiveService" value
HKLM\SYSTEM\ControlSet001\Services\NetLogon "start"=dword:3

It looks like the initial step in the netlogon is to change the 3rd and
2nd values.  Not clear where the logon credentials are stored. 
Then at reboot the MachineSid is returned by the Samba server to the
client, presumably very early in the boot process.  The MachineSid
on two client machines differed, although only in a few digits. 

That suggests that one should be able to able to join an XP machine by
doing something on the Samba server (maybe just: smbpasswd -a -m
MACHINE$ ?) and then on the client do three 

  reg add 

commands to set it to the appropriate state, and reboot.  That would be
really convenient since the cloning process running under linux could
easily write a runonce file with these commands into the Windows
partition.   However, I do not see a place on the server side to
retrieve the MachineSid for a particular workstation.  If it is in
smbpasswd, it is encrypted.

Regards,

David Mathog
mathog at caltech.edu
Manager, Sequence Analysis Facility, Biology Division, Caltech



More information about the samba mailing list