[Samba] Security question on Domain admins in Samba PDC

Eirik Thorsnes eirik.thorsnes at fys.uib.no
Wed Jan 22 10:13:01 GMT 2003


Is there some documentation on the access level of domain admins and the
root user in a Samba PDC?

More to the point: What is the potential damage one can expect with the
loss of a domain admin password and a samba root password (not identical
to the unix root password) respectively? Is it possible to get files
outside of the exported shares (e.g. passwd, smbpasswd) ?

The reason I'm asking is that I recently read a report of a compromise
of a Windows PDC (all passwords extracted / compromised) that was due to
the loss of a domain admin account.

Eirik Thorsnes

-- 
The story so far:
In the beginning the Universe was created. This has made a lot of
people very angry and has been widely regarded as a bad move.
--- Douglas Adams "The Hitchhikers Guide to the Galaxy"




More information about the samba mailing list