At one site I support, I have just recently put a policy file on their server to try and make some stuff easier to manage. Only problem is Windows is not even trying to load it. I watched the traffic in Wireshark, and there's no request for the ntconfig.pol file at all. And of course nothing from it is being applied. I had read that this can happen if someone has set the policy refresh settings to never refresh (or manually or whatever it is), but I have checked this and tried with a newly installed Windows machine, and it still doesn't work.
Is there some special setting I am missing? What is the bare minimum for ntconfig.pol to apply? What should the netlogon share definition look like? Global config options that seem relevent are: [global] workgroup = CRDC domain master = yes prefered master = yes domain logons = yes logon path = \\%L\profiles\%U logon script = logon.bat dns proxy = no name resolve order = lmhosts host wins bcast security = user guest account = nobody encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . pam password change = yes socket options = TCP_NODELAY The share definition looks like this: [netlogon] comment = Network Logon Service path = /samba/netlogon guest ok = no writable = yes browsable = no write list = mwheeler, tin, root TB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
