[PATCH] Update 'restrict anonymous' in smb.conf.5 manpage
dcardon at tranquil.it
Wed Feb 6 17:31:17 UTC 2019
> I had some questions about this options so I've looked at the code and updated
> the manpage accordingly.
> Review is much appreciated.
It would be great if we could have this value switched to 2 by default
(at least for domain controllers).
SAMR Anonymous access is red flagged by vulnerability scanner as it
allows to get the list of domain users and groups without any
authentication. It sadly does not give a nice perception of Samba AD
when people forget to change it and then discover their blunder during
their next security audit :-)
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 22.214.171.124.55
Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr
More information about the samba-technical