Web lists-archives.com

Re: [Samba] XP auto enrollment error; TEMP profile

The auto enrollment messages seems to be indicate that the client machine thinks it is connecting to an AD domain.

The profile messages is indicative of a domain membership problem, whether or not you are using roaming profiles.

Workgroup method is probably simplest-  although my past experience was that even at 5 machines managing multiple users on multiple machines gets tricky.     In theory, you have 30 passwords to set.   If most people only use computer then this is less of an issue.

For a small domain, I think the "classic PDC"  cane simpler than a Samba AD domain controller.  However I have not actually tried implementing a samba AD domain controller primarily because it would not play well in our environment.     Also, it relies Heimdal Kerberos, which is not included in fedora.    I don't think the XP problems here are related to classic vs AD.    That being said, I do understand that the "classic" domain model is not a long term solution.

No specifically a samba issue but remember the idea of "defense in depth."   Many people think "I have a firewall, my network is safe" and "I have antivirus, my PC's are safe."     You need a mix client antivirus, system patching, application updates, backups, e-mail spam filtering, and user education.     None of these have to be expensive.     I think you can still run free Sophos AV on XP.   Make sure no one is logging in with admin rights.     The biggest threat vector-  at least in my work-  seems to be e-mail (either with malicious attachments or phishing links.) Anyway, that is my pitch from my soap box.   You can take it or leave it.

As the old machines wear out, the XP issue will solve itself.

On 10/02/17 10:01, ToddAndMargo via samba wrote:
On 10/02/2017 12:32 AM, Reindl Harald via samba wrote:

Am 02.10.2017 um 07:25 schrieb ToddAndMargo via samba:
On 10/01/2017 10:03 PM, Reindl Harald (mobile) via samba wrote:
sorry but to say it clear: to think a anti-virus can replace a solid operating system is a naive and dangerous attitude

Uhhh,   Why do you not look at infections rates instead of
marketing FUD.  WannaCry did not even touch XP.

so what - beause one specific malware did not proves nothing

The "So What" is the aggregate, not a single instance.  You
missed my point.

Not looking at this from an infection rate standpoint and,
instead, believing what the marketing weasels at M$ tell
you is far more dangerous in my technical opinion.

you seem to confuse me with someone else - i don't use any microsoft stuff for a decade now and i am grown enough to not write M$

That XP is so insecure is a lot of FUD. Again, look at the
infection rates if you want to know what that truth is and
not marketing FUD.

no wonder because nobody right in his brain is using XP any longer on machines connected with a network

Again, it is the aggregate.

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba