----- "Dave Love" <[EMAIL PROTECTED]> wrote: > I don't understand that. If you need LDAP data, as opposed to just > Kerberos authentication, and you're not allowed anonymous access to > it,
Well we were told that AD doesn't permit anonymous access. Bear in mind we're Linux geeks here, not Windows geeks.. ;-) > you either use a `well-known' password on a special account (which > you're probably also not allowed...) Yup, that's what I described as not being permitted. > or the `machine' account. The latter is what you get from > `joining the domain' (e.g. with Samba) Whilst I couldn't be certain I suspect their security policy would have classed that as just being an implementation of the former, and it too would have been locked out after N failed attempts and hence locked out all users. We got the impression that AD didn't permit them to make an exception to this policy either.. :-( cheers, Chris -- Christopher Samuel - (03) 9925 4751 - Systems Manager The Victorian Partnership for Advanced Computing P.O. Box 201, Carlton South, VIC 3053, Australia VPAC is a not-for-profit Registered Research Agency _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
