Koozali.org: home of the SME Server

creating windows domain

stephen noble
« Reply #15 on: December 30, 2006, 12:44:32 AM »
> Domain Admins => admin
Yes, this does work now after rejoining the domain ..., but why should I need to rejoin?

This may be the same as the above question, i.e.:

> Results
> 1. Sometimes I can join the domain, after rebooting the XP machine I cannot locate the Domain Controller to log into the domain.

Related bugs:

http://bugs.contribs.org/show_bug.cgi?id=1836
After upgrade, some machines can no longer join domain

http://bugs.contribs.org/show_bug.cgi?id=2141
SME acting as PDC won't accept authentication from networked pcs

stephen noble
« Reply #16 on: December 31, 2006, 08:48:29 AM »
The following implies to me that the regedit is no longer needed; SME7 uses Samba 3.

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch10_:_Windows,_Linux,_and_Samba

Note: With Samba version 2 you may also have to make a few changes to your system's registry using the regedit command and reboot before continuing.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:00000000
"signsecurechannel"=dword:00000000

andy_wismer
« Reply #17 on: January 04, 2007, 05:51:09 PM »
Hello

Some background info on the Registry thingy for XP.

Windows XP with no SP or SP1 can easily log on to a SME Windows Domain.

After SP2, the Sign&Seal Packet Signing feature is a requirement for Windows XP. Server 2003 also needs it, if used as a "Member Server" on a SME Windows Domain. XP or Server 2003 can join the Domain, but after the required reboot can still only log on locally.

SME does provide WINS Service, but only if SME is Domain Master. That's done in the templates for Samba.conf...

The "Netlogon" share is created by SME when set as Domain Controller. However, SME sets it to be invisible. Microsoft, on the other hand, has had visible Netlogon directories since before Windows NT 3.51, and up to Windows 2000 Server that was the standard. This can be enabled easily in SME by creating (or copying the original) a template for Netlogon and setting "browsable = yes".

Logon scripts belong there, and if NT or Win9x clients are used, you can actually also put policy files in there too. A good idea is putting a copy of the registry file there too, for easy access after adding a PC to the domain. The admin can also easily edit logon scripts, as by default he has access to this share.

The newer "Group Policies" will not work unless using Nitrobits commercial Group-Policy product.

But not everything M$ does should be followed. UNIX still doesn't have the "Run Virus.exe as administrator" bit set by default... ;-)

Wishing all a smooth 2007 with SME71!!!
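
Added example, not part of the original thread: the registry file quoted in Reply #16 sets requiresignorseal and signsecurechannel to 0, which relaxes the client's Netlogon secure-channel signing/sealing settings. The Python below audits a .reg file (such as a copy kept on the Netlogon share, as Reply #17 suggests) for those values; the function names, the extra sealsecurechannel check and the sample text are assumptions constructed here.

```python
import re

# Netlogon secure-channel values; 0 switches the protection off on the client.
WATCHED = {"requiresignorseal", "sealsecurechannel", "signsecurechannel"}
NETLOGON_KEY = r"hkey_local_machine\system\currentcontrolset\services\netlogon\parameters"
SECTION_RE = re.compile(r"^\[(-?)(.+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"\s*=\s*dword:([0-9a-fA-F]{1,8})$')

def audit_reg(text):
    """Return the sorted names of watched values set to 0 under the
    Netlogon Parameters key in the given .reg file text."""
    findings, in_netlogon = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or .reg comment
        section = SECTION_RE.match(line)
        if section:
            # "[-key]" deletes a key and sets nothing, so it is not tracked.
            in_netlogon = (section.group(1) == ""
                           and section.group(2).lower() == NETLOGON_KEY)
            continue
        value = DWORD_RE.match(line)
        if (in_netlogon and value and value.group(1).lower() in WATCHED
                and int(value.group(2), 16) == 0):
            findings.append(value.group(1).lower())
    return sorted(findings)

def read_reg_file(path):
    """regedit exports are UTF-16 with a BOM (version 5) or ANSI (REGEDIT4)."""
    with open(path, "rb") as fh:
        data = fh.read()
    if data.startswith((b"\xff\xfe", b"\xfe\xff")):
        return data.decode("utf-16")
    return data.decode("latin-1")

# Constructed sample: the two values from the post, one value left enabled,
# and a made-up unrelated key that must not be reported.
SAMPLE = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"requiresignorseal"=dword:00000000
"signsecurechannel"=dword:00000000
"sealsecurechannel"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Example]
"requiresignorseal"=dword:00000000
'''

if __name__ == "__main__":
    for name in audit_reg(SAMPLE):
        print(f"{name} = 0: secure-channel protection disabled by this file")
```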