Hello,
I run a Samba 2.2.3a server with XP clients successfully. I am aware of the
fact that XP
restricts access to some of its users (local) in regards to some programs. I am
unsure which
programs these are but MSN Messenger might be one of them. I think I heard
guest users are
not allowed to use MSN Messenger under XP by default.
Now I have trouble to get MSN Messenger to start under XP for certain users:
Administrator (local) can start MSN Messenger.
marcel (domain user and domain admin group member) can start MSN Messenger.
anna (domain user) cannot start MSN Messenger.
guest (guest domain user) cannot start MSN Messenger.
I have had a look at the registry options, the file executable permissions, the
local
security policies set on the XP machine and web sites but I cannot find a way
to give access
to all user for MSN Messenger or another messaging service like Yahoo Pager.
I included some data I have collected from my setup at the end of the email.
(Note: domain user 'marcel' is in the group "ntadmin" and I
could add all my
other users to
this group to make them able to start MSN Messenger but I would remove any
security and file
protections from the XP machine therefore since all users then become
administrators.)
Thanks for the help,
Marcel
Permissions on local box:
c:\program files\messenger\msmsgsin.exe:
administrator(local/administrators) full
everyone read/execute, read
power users (local/power users) modify,read/execute,read,write
system full
users (local/users) read/execute,read
c:\program files\messenger\msmsgs.exe:
administrator(local/administrators) full
everyone read/execute, read
power users (local/power users) modify,read/execute,read,write
system full
users (local/users) read/execute,read
C:\Documents and Settings\All Users\Start Menu\Programs\windows messenger: (a
shortcut)
target: "C:\Program Files\Messenger\msmsgs.exe"
start in: %HOMEDRIVE%%HOMEPATH%
administrator(local/administrators) full
everyone read/execute, read
power users (local/power users) modify,read/execute,read,write
system full
users (local/users) read/execute,read
Local Security Policy:
Network access: Let Everyone permissions apply to anonymous users. ENABLED
registry entries for hkey_local_machine/software/microsoft/messenger_service
have been
untouched.
# cat /etc/samba/smb.conf
[global]
workgroup = MYWORKGROUP
netbios name = MAIL
server string = Samba %v on %L
interfaces = 192.168.1.1/24 127.0.0.0/24
encrypt passwords = Yes
update encrypted = Yes
null passwords = Yes
passwd program = /usr/bin/passwd %u
passwd chat debug = Yes
unix password sync = Yes
log file = /var/log/samba-log.%m
time server = Yes
keepalive = 30
domain admin group = @ntadmin
logon script = %U.bat
logon path = \\%L\profiles\%U
logon drive = z:
domain logons = Yes
os level = 33
preferred master = True
domain master = True
kernel oplocks = No
guest account = guest
hosts allow = 192.168.1., 127.
printing = lprng
print command = /usr/bin/lpr -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
lppause command = /usr/sbin/lpc hold %p %j
lpresume command = /usr/sbin/lpc release %p %j
queuepause command = /usr/sbin/lpc -P%p stop
queueresume command = /usr/sbin/lpc -P%p start
browseable = No
[homes]
comment = %U Home Directory
read only = No
veto files = /.?*/
[netlogon]
comment = The Domain Logon Service
path = /etc/samba/logon
[profiles]
comment = NT Profile Storage
path = /home/ntprofiles
read only = No
# groups marcel
marcel : users ntadmin
# groups anna
anna : users
# groups guest
guest : guest
Hi, I'm not sure what this had to do with Samba but I'm not a NT guru.. I know there is a think like 'local user policies' I had to take a look there to let a regular user burn CD's. Mabe there is something in there for MSN aswell. Wy not ask MS? Most of the time they did give my a answer although about 80-90% was correct and the rest was incorrect. Ries Marcel Kunath wrote:> > Hello, > > I run a Samba 2.2.3a server with XP clients successfully. I am aware of the > fact that XP > > restricts access to some of its users (local) in regards to some programs. I am > unsure which > > programs these are but MSN Messenger might be one of them. I think I heard > guest users are > > not allowed to use MSN Messenger under XP by default. > > Now I have trouble to get MSN Messenger to start under XP for certain users: > > Administrator (local) can start MSN Messenger. > marcel (domain user and domain admin group member) can start MSN Messenger. > anna (domain user) cannot start MSN Messenger. > guest (guest domain user) cannot start MSN Messenger. > > I have had a look at the registry options, the file executable permissions, the > local > > security policies set on the XP machine and web sites but I cannot find a way > to give access > > to all user for MSN Messenger or another messaging service like Yahoo Pager. > > I included some data I have collected from my setup at the end of the email. > > (Note: domain user 'marcel' is in the group "ntadmin" and I could add all my > other users to > > this group to make them able to start MSN Messenger but I would remove any > security and file > > protections from the XP machine therefore since all users then become > administrators.) > > Thanks for the help, > > Marcel > > Permissions on local box: > > c:\program files\messenger\msmsgsin.exe: > > administrator(local/administrators) full > everyone read/execute, read > power users (local/power users) modify,read/execute,read,write > system full > users (local/users) read/execute,read > > c:\program files\messenger\msmsgs.exe: > > administrator(local/administrators) full > everyone read/execute, read > power users (local/power users) modify,read/execute,read,write > system full > users (local/users) read/execute,read > > C:\Documents and Settings\All Users\Start Menu\Programs\windows messenger: (a > shortcut) > > target: "C:\Program Files\Messenger\msmsgs.exe" > > start in: %HOMEDRIVE%%HOMEPATH% > > administrator(local/administrators) full > everyone read/execute, read > power users (local/power users) modify,read/execute,read,write > system full > users (local/users) read/execute,read > > Local Security Policy: > > Network access: Let Everyone permissions apply to anonymous users. ENABLED > > registry entries for hkey_local_machine/software/microsoft/messenger_service > have been > > untouched. > > # cat /etc/samba/smb.conf > [global] > workgroup = MYWORKGROUP > netbios name = MAIL > server string = Samba %v on %L > interfaces = 192.168.1.1/24 127.0.0.0/24 > encrypt passwords = Yes > update encrypted = Yes > null passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat debug = Yes > unix password sync = Yes > log file = /var/log/samba-log.%m > time server = Yes > keepalive = 30 > domain admin group = @ntadmin > logon script = %U.bat > logon path = \\%L\profiles\%U > logon drive = z: > domain logons = Yes > os level = 33 > preferred master = True > domain master = True > kernel oplocks = No > guest account = guest > hosts allow = 192.168.1., 127. > printing = lprng > print command = /usr/bin/lpr -P%p -r %s > lpq command = /usr/bin/lpq -P%p > lprm command = /usr/bin/lprm -P%p %j > lppause command = /usr/sbin/lpc hold %p %j > lpresume command = /usr/sbin/lpc release %p %j > queuepause command = /usr/sbin/lpc -P%p stop > queueresume command = /usr/sbin/lpc -P%p start > browseable = No > > [homes] > comment = %U Home Directory > read only = No > veto files = /.?*/ > > [netlogon] > comment = The Domain Logon Service > path = /etc/samba/logon > > [profiles] > comment = NT Profile Storage > path = /home/ntprofiles > read only = No > > # groups marcel > marcel : users ntadmin > # groups anna > anna : users > # groups guest > guest : guest > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba
I'm having exactly the same problem with MSN Messenger on WinXP pro, Ordinary domain users also cannot start MS Office. If I find out what's going on I'll let you know, but please let me know if you have any news too. Thanks, Alessandro ----- Original Message ----- From: "Marcel Kunath" <kunathma@pilot.msu.edu> To: <samba@samba.org> Sent: Thursday, February 21, 2002 6:46 PM Subject: [Samba] Samba PDC and MSN Messenger> Hello, > > I run a Samba 2.2.3a server with XP clients successfully. I am aware ofthe> fact that XP > > restricts access to some of its users (local) in regards to some programs.I am> unsure which > > programs these are but MSN Messenger might be one of them. I think I heard > guest users are > > not allowed to use MSN Messenger under XP by default. > > Now I have trouble to get MSN Messenger to start under XP for certainusers:> > Administrator (local) can start MSN Messenger. > marcel (domain user and domain admin group member) can start MSNMessenger.> anna (domain user) cannot start MSN Messenger. > guest (guest domain user) cannot start MSN Messenger. > > I have had a look at the registry options, the file executablepermissions, the> local > > security policies set on the XP machine and web sites but I cannot find away> to give access > > to all user for MSN Messenger or another messaging service like YahooPager.> > I included some data I have collected from my setup at the end of theemail.> > (Note: domain user 'marcel' is in the group "ntadmin" and I could add allmy> other users to > > this group to make them able to start MSN Messenger but I would remove any > security and file > > protections from the XP machine therefore since all users then become > administrators.) > > > Thanks for the help, > > Marcel > > > > Permissions on local box: > > c:\program files\messenger\msmsgsin.exe: > > administrator(local/administrators) full > everyone read/execute, read > power users (local/power users) modify,read/execute,read,write > system full > users (local/users) read/execute,read > > c:\program files\messenger\msmsgs.exe: > > administrator(local/administrators) full > everyone read/execute, read > power users (local/power users) modify,read/execute,read,write > system full > users (local/users) read/execute,read > > C:\Documents and Settings\All Users\Start Menu\Programs\windows messenger:(a> shortcut) > > target: "C:\Program Files\Messenger\msmsgs.exe" > > start in: %HOMEDRIVE%%HOMEPATH% > > administrator(local/administrators) full > everyone read/execute, read > power users (local/power users) modify,read/execute,read,write > system full > users (local/users) read/execute,read > > > Local Security Policy: > > Network access: Let Everyone permissions apply to anonymous users. ENABLED > > > registry entries forhkey_local_machine/software/microsoft/messenger_service> have been > > untouched. > > > # cat /etc/samba/smb.conf > [global] > workgroup = MYWORKGROUP > netbios name = MAIL > server string = Samba %v on %L > interfaces = 192.168.1.1/24 127.0.0.0/24 > encrypt passwords = Yes > update encrypted = Yes > null passwords = Yes > passwd program = /usr/bin/passwd %u > passwd chat debug = Yes > unix password sync = Yes > log file = /var/log/samba-log.%m > time server = Yes > keepalive = 30 > domain admin group = @ntadmin > logon script = %U.bat > logon path = \\%L\profiles\%U > logon drive = z: > domain logons = Yes > os level = 33 > preferred master = True > domain master = True > kernel oplocks = No > guest account = guest > hosts allow = 192.168.1., 127. > printing = lprng > print command = /usr/bin/lpr -P%p -r %s > lpq command = /usr/bin/lpq -P%p > lprm command = /usr/bin/lprm -P%p %j > lppause command = /usr/sbin/lpc hold %p %j > lpresume command = /usr/sbin/lpc release %p %j > queuepause command = /usr/sbin/lpc -P%p stop > queueresume command = /usr/sbin/lpc -P%p start > browseable = No > > [homes] > comment = %U Home Directory > read only = No > veto files = /.?*/ > > [netlogon] > comment = The Domain Logon Service > path = /etc/samba/logon > > [profiles] > comment = NT Profile Storage > path = /home/ntprofiles > read only = No > > # groups marcel > marcel : users ntadmin > # groups anna > anna : users > # groups guest > guest : guest > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >