"JB" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > The result is that I have a samba PDC setup with a single workstation > that authenticates users off the PDC and everyone has proper access. > However, I can place a laptop on the network with no trust account, and > using since I log onto it with the same username and password, I can > browse the domain resources as if I had authenticated off of the PDC.
That's right. The laptop can connect to resources in "workgroup mode", like simple peer-to-peer networking. Having a domain just allows you to centralize the authentication. It allows, for example, a user to log on from any machine that has a trust account, even without a local user account on that machine. You can restrict access by IP address of course. I suppose you could use fixed addresses for your workstations and then use dhcp to give out addresses in a range that samba won't accept. That would fool them for a while. Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
