On Tue, 2003-10-28 at 04:06, Marc Kaplan wrote: > Raphael, > > I would guess that your NT4 domain has RestrictAnonymous set. Check > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\RestrictAnonymous. > If that is set to 1, you need to run wbinfo > --set-auth-user=administrator%administratorspw, and then restart winbindd.
NO, NO, NO!!! That should be '--set-auth-user=NONadministrator%not-cared-about-password' You should *never* put an administrative user into this. You should put a user you don't care about, preferably one that you created just for the purpose. If I see this 'advise' one more time, I'll put a special, load debug watch in wbinfo on the string 'Administrator'... We only do this to get around the fact that we cannot do NTLM logins as our machine account. In AD, we use or machine account and kerberos, to avoid this mess. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
