January 13, 2004

Windows XP

In theory, Samba can function as a domain controller, and a Windows XP Professional is able to join as a client, with some adjustments:

  • a bit of a registry hack on Windows XP (HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet\Services\ netlogon\parameters\ RequiredSignorSeal=dword:00000000)
  • Adjusting Local Security Policy:
  • Domain member: machine account password changes (disabled)
  • Domain member: Require strong (Windows 2000 or later) session key (disabled)

These steps are to alleviate Windows XP's expectations that it will join a Windows 2000 domain, which permits signing and sealing of netlogon packets throughout the network, unlike a Windows NT 4 domain, which Samba emulates.

That's not the end of the story. Some Windows XP machine lose their ability to join a Samba domain sometime down the road, a day, a week later, but unexpectedly. Which happened to one of my XP boxes. After trolling the lists, I found fellow travellers lost in this misty domain, and some elusive tips.

Posted at January 13, 2004 03:47 PM | TrackBack
Comments
Post a comment