[Samba] Access to shares for authenticated domain users only
Andrew Bartlett
abartlet at samba.org
Fri Mar 28 07:18:27 GMT 2003
On Thu, 2003-03-27 at 23:45, Kevin wrote:
> On Thu, 27 Mar 2003 07:11:55 +0000, Andrew wrote:
>
> >While 'hacks' might be possible, shares are authenticated seperatly to the
> >domain logon, and there is no linkage apart from the fact that the domain
> >logon sets up the default username/pw pair.
> >
> >Fundementally, any restriction imposed by logon script/.pol files can be
> >avoided - you must never trust the client to actually follow their directions...
> >
>
> Thanks Andrew. Point taken. Where would you go for more info on this sort of
> security? In particular I'm trying to avoid unauthorised notebooks etc.
> connecting to the network and then disappearing off home with sensitive data
> from the server on their drives.
Really, the best you can do is per-user passwords, strong passwords,
correctly set permissions, and policies (human policies, not computer
ones :-).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030328/66122b2f/attachment.bin
More information about the samba
mailing list