On Sun, Mar 24, 2002 at 04:26:11AM +0000, Jon Masters wrote:
> On Saturday the 23rd March 2002, Matthew Sackman spaketh:
>
>
> > Port 445 is definately in use, so whilst it seems samba doesn't listen
> > on it by default it obviously needs to be allowed in firewall setups.
>
> Samba tends to always rely on Windows supporting "legacy" implementations
> - it doesn't do AD and other things that arguably a W2K implementation
> needs, though we've had this in an "argument" before I believe :-)
Well yes, the samba server is actually behaving as an NT4.5 server (at least
that's how it identifies itself to the network)
> > And the printer thingy was fine: no mention of it in smb.conf but all
> > the win2k machines can see it and it's fine.
>
> Then it's shared without security restrictions or somesuch?
Yep. Although really the entire network is on dial up access to the 'net
only, heavily firewalled, and to get onto the network you have to have
a username and password anyway so once you've got through those hurdles
being able to print to a HP LaserJet would be just the jackpot any cracker
would be looking for... ;-)
> > So it's now very much confirmed: samba can act as a PDC for a win2k
> > network and also has logon scripts and roaming profiles working too.
>
> Let's hope so, I have been supporting several W2K based Samba PDC'd
> networks for a year now and hope to offer further support as/when the
> "Easy Penguin Ltd." venture gets sorted out sometime soon...the only
> issues I have is over the general problem of implementing ACL's with Samba
> and the lack of "Microsoft Active Directshit".
hmm, well, so long as it's properly designed, a web based interface with a
couple of cgi-scripts would be sufficient to allow normal folks to update
the acls. In fact, if you wanted to be fancy, you could store all the acls
in a database like mysql, easy update from web interface, and then have
a script that takes the mysql database and formats and produces a correct
smb.conf file. Shouldn't be too hard! :-)
> > So once again thanks to all who helped out: a real demonstration of the
> > value of LUGs. :-)
>
> Let us know how it goes, look forward to seeing you in April, if you come.
Well I'm on Easter holiday atm, so this meet will most likely be one of the
few times I can make it.
Matthew
--Matthew Sackman Nottingham England
BOFH Excuse Board: Processes running slowly due to weak power supply -------------------------------------------------------------------- http://www.lug.org.uk http://www.linuxportal.co.uk http://www.linuxjob.co.uk http://www.linuxshop.co.uk --------------------------------------------------------------------
This archive was generated by hypermail 2.1.3 : Sun 24 Mar 2002 - 21:01:03 GMT