Setting this deprecated option will allow the RPC server in the AD DC to answer the LSARPC interface on the \pipe\netlogon IPC pipe.
When enabled, this matches the behaviour of Microsoft's Windows, due to their internal implementation choices.
If it is disabled (the default), the AD DC can offer improved performance, as the netlogon server is decoupled and can run as multiple processes.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Samba\smb_conf\lsa over netlogon |
Value Name | lsa over netlogon |
Value Type | REG_DWORD |
Default Value | 0 |
True Value | 1 |
False Value | 0 |