-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 5 Nov 2002, Sean Noonan wrote:
> Hi folks, > > Finally got Samba up and running after many oplock issues and I'm very > pleased. One "detail" left that bothers me. I'm running FreeBSD 4.7-STABLE > on our PDC and every night I'm (root) is emailed a security report. Among > the items reported is: > > Checking for passwordless accounts: > . > . > CLIENT01$::1134:1134::0:0:Machine CLIENT01:/dev/null:/sbin/nologin > . > > Should I be telling myself this is okay, since it's mitigated by using the > /sbin/nologin shell? Since the machine has already successfully joined the > domain can I now just assign the machine a password? Won't that break the > trust relationship already setup? Can anything be done, or should I just > shrug this one off? The password in /etc/passwd is never used for machine accounts. Just lock the password entry. cheers, jerry --------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc ISBN 0-672-32269-2 "SAMS Teach Yourself Samba in 24 Hours" 2ed "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE9ypcjIR7qMdg1EfYRAq+KAKDG3LVTnxofguCxRryxpt88amaGYgCfckGw pFZPRo7FbVwR2Gik1rwhN1o= =0YCb -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
