authentication policies in Samba 4.21
Stefan Kania
stefan at kania-online.de
Tue Oct 29 10:49:47 UTC 2024
Am 29.10.24 um 11:27 schrieb Douglas Bagnall:
> We need this to be"msDS-ComputerAllowedToAuthenticateTo::".
>
> Because the thing you want to control authentication to is a computer.
I will look it up in a Microsoft environmet if it's the same there.
Because I think it should be "UsersAllowedToAuthenticateTo". But even in
the most Microsoft manuals the policy stuff is not very good documented.
But that did it :-) Now I can only login on computers not a member of
the silo (And getting the right message) . I will try it later on to do
it wit != to change the behavior so that users can only login to
computer which are member of the silo
but the problem with the ticket-livetime still exists.
I will write a little howto if everything is tested again.
Thank's so far
Stefan
--
Stefan Kania
Landweg 13
25693 St. Michaelisdonn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x52F6D4DD1BB68AB5.asc
Type: application/pgp-keys
Size: 636 bytes
Desc: OpenPGP public key
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20241029/de52cdcb/OpenPGP_0x52F6D4DD1BB68AB5.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20241029/de52cdcb/OpenPGP_signature.sig>
More information about the samba-technical
mailing list