-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 23 Jan 2003, Eric Stewart wrote:
> Running a Windows 2000 domain; recently we've made some security > changes to deny anonymous users from being able to get at our user list. > It would appear that one of my Domain Controllers hadn't been rebooted > after that security change, and now that it has been rebooted, I can't > mount smb shares off of one of our if the security setting is in place. > > On a Windows 2000 Domain Controller as a domain admin, go to > "Start" -> "Programs" -> "Administrative Tools" and look at "Domain > Controller Security Policy". In that, look at "Windows Settings" - > "Security Settings" - "Account Policies" - "Kerberos Policy" - "Enforce > User Logon Restrictions". With that enabled (and after a reboot), domain > controllers won't apparently allow anonymous connections to validate (at > least, not the way Samba does it). See the "wbinfo -A" option in the man page. This is probably what you need. cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "You can never go home again, Oatman, but I guess you can shop there." --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE+OCXpIR7qMdg1EfYRAgNKAJ9d5yX5M4LEaz0His5u0AlnQi5oRgCgwKEQ 87yK/8OJHzFwnYbDetaA0c8= =Y/1a -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
