Small number of questions about s4

William Brown william at
Tue Apr 10 06:01:45 UTC 2018


I'm looking at s4 from the point of view as an LDAP server. I have a
number of questions about this content.

* Does samba support userCertificate storage via a set of MS
attributes? AKA userCertificate;binary from netscape ldap or freeipa

* There are a large number of default objects in the directory. Where
is the MS documentation about these and their roles? IE account
operators and the like.

* Does samba have a hardening guide akin to an AD hardening guide?
Would we consider a command that can highlight and detect "best
practices" like hardening options for users IE samba-tool security
check/audit that can also list how to correct the issue? One that comes
to mind is the "default users can join 10 machines to a domain" or
"Guest account enabled".

* Is there a way to check replication health and consistency

* Do you update internal database formats on startup or via scripts
triggered on an upgrade?

* Where are the MS schema syntax documents?

Thank you, I'm sure I'll have more questions soon,

William Brown

More information about the samba-technical mailing list