The result is that I have a samba PDC setup with a single workstation that authenticates users off the PDC and everyone has proper access. However, I can place a laptop on the network with no trust account, and using since I log onto it with the same username and password, I can browse the domain resources as if I had authenticated off of the PDC.
I am hoping someone can explain this to me, I want to deploy a samba PDC in a larger environment, but I do not want a user to be able to see private resources just by knowing someone's username and pass, I want them to have to come from a trusted machine also.
Here is my smb.conf
[global] netbios name = HERAKLES workgroup = STS server string = Samba Server %v
security = user encrypt passwords = yes username map = /etc/samba/smbusers smb passwd file = /etc/samba/private/smbpasswd add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
local master = yes os level = 65 preferred master = yes domain master = yes domain logons = yes logon script = logon.bat time server = yes wins support = yes
interfaces = eth1 hosts allow = 192.168.10. socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 log level = 3 log file = /var/log/samba/log.%m
[netlogon]
path = /export/samba/netlogon
writable = no
browsable = no[Shared Business Docs]
copy = template
path = /export/samba/shareddocs
comment = Shared Business Documents
writable = yes
Regards, -John [EMAIL PROTECTED]
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
