[Samba] XP auto enrollment error; TEMP profile
ToddAndMargo at zoho.com
Mon Oct 2 17:18:19 UTC 2017
On 10/02/2017 07:59 AM, Rowland Penny via samba wrote:
> On Mon, 2 Oct 2017 10:37:34 -0400
> Gaiseric Vandal via samba <samba at lists.samba.org> wrote:
>> The auto enrollment messages seems to be indicate that the client
>> machine thinks it is connecting to an AD domain.
>> The profile messages is indicative of a domain membership problem,
>> whether or not you are using roaming profiles.
>> Workgroup method is probably simplest- although my past experience
>> was that even at 5 machines managing multiple users on multiple
>> machines gets tricky. In theory, you have 30 passwords to set.
>> If most people only use computer then this is less of an issue.
> Try doing this with 12 machines with multiple users on most of the PCs,
> spread over a large area. 5 machines is easy ;-)
This I can identify with.
>> For a small domain, I think the "classic PDC" cane simpler than a
>> Samba AD domain controller. However I have not actually tried
>> implementing a samba AD domain controller primarily because it would
>> not play well in our environment. Also, it relies Heimdal
>> Kerberos, which is not included in fedora. I don't think the XP
>> problems here are related to classic vs AD. That being said, I do
>> understand that the "classic" domain model is not a long term
> Believe me, when you get over the initial setup, an AD DC is easier,
> in this case, a new AD domain would be simple, it is the classupgrade
> that gives the most problems.
>> No specifically a samba issue but remember the idea of "defense in
>> depth." Many people think "I have a firewall, my network is safe"
>> and "I have antivirus, my PC's are safe." You need a mix client
>> antivirus, system patching, application updates, backups, e-mail spam
>> filtering, and user education. None of these have to be
>> expensive. I think you can still run free Sophos AV on XP. Make
>> sure no one is logging in with admin rights. The biggest threat
>> vector- at least in my work- seems to be e-mail (either with
>> malicious attachments or phishing links.) Anyway, that is my pitch
>> from my soap box. You can take it or leave it.
> All good advice.
>> As the old machines wear out, the XP issue will solve itself.
> I wouldn't bank on it, I have dealt with people like the OPs customer,
> and they will do anything to cut costs, including buying old computers.
Kicking an screaming!
Computers are like air conditioners.
They malfunction when you open windows
More information about the samba