authentication policies in Samba 4.21
Jennifer Sutton
jsutton at samba.org
Mon Nov 4 20:22:09 UTC 2024
On 5/11/24 7:27 am, Stefan Kania via samba-technical wrote:
> Inside the policy (comparing to a Windows AD) I still missing:
> msDS-UserAllowedToAuthenticateFrom
> msDS-ServiceAllowedToAuthenticateFrom
> It's not possible to set this values with samba-tool
Have you tried --user-allowed-to-authenticate-from=SDDL and
--service-allowed-to-authenticate-from=SDDL?
>
> I'm missing:
> msDS-AssignedAuthNPolicySiloBL for all members
You don’t set this on the silo. You assign the members to the silo with
‘samba-tool user auth silo assign <username> [options]’.
Cheers,
Jennifer (she/her)
More information about the samba-technical
mailing list