[PATCH] Turn off NETLOGON by default on standalone/member servers
Andrew Bartlett
abartlet at samba.org
Mon Feb 23 18:17:27 MST 2015
Our security advisory at
https://www.samba.org/samba/security/CVE-2015-0240 suggests
>
> ==========
> Workaround
> ==========
>
> On Samba versions 4.0.0 and above, add the line:
>
> rpc_server:netlogon=disabled
>
> to the [global] section of your smb.conf.
This patch enforces that, turning off NETLOGON when we are not a DC.
Jeremy,
Can you check this doesn't break anything? (I'm running an autobuild,
but I'm not sure that will find anything much for this).
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s3-param-Turn-off-the-NETLOGON-server-by-default-in-.patch
Type: text/x-patch
Size: 1224 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150224/e4df17ad/attachment.bin>
More information about the samba-technical
mailing list