Small number of questions about s4
william at blackhats.net.au
Tue Apr 10 06:01:45 UTC 2018
I'm looking at s4 from the point of view as an LDAP server. I have a
number of questions about this content.
* Does samba support userCertificate storage via a set of MS
attributes? AKA userCertificate;binary from netscape ldap or freeipa
* There are a large number of default objects in the directory. Where
is the MS documentation about these and their roles? IE account
operators and the like.
* Does samba have a hardening guide akin to an AD hardening guide?
Would we consider a command that can highlight and detect "best
practices" like hardening options for users IE samba-tool security
check/audit that can also list how to correct the issue? One that comes
to mind is the "default users can join 10 machines to a domain" or
"Guest account enabled".
* Is there a way to check replication health and consistency
* Do you update internal database formats on startup or via scripts
triggered on an upgrade?
* Where are the MS schema syntax documents?
Thank you, I'm sure I'll have more questions soon,
More information about the samba-technical