[Samba] Access to shares for authenticated domain users only
abartlet at samba.org
Fri Mar 28 07:18:27 GMT 2003
On Thu, 2003-03-27 at 23:45, Kevin wrote:
> On Thu, 27 Mar 2003 07:11:55 +0000, Andrew wrote:
> >While 'hacks' might be possible, shares are authenticated seperatly to the
> >domain logon, and there is no linkage apart from the fact that the domain
> >logon sets up the default username/pw pair.
> >Fundementally, any restriction imposed by logon script/.pol files can be
> >avoided - you must never trust the client to actually follow their directions...
> Thanks Andrew. Point taken. Where would you go for more info on this sort of
> security? In particular I'm trying to avoid unauthorised notebooks etc.
> connecting to the network and then disappearing off home with sensitive data
> from the server on their drives.
Really, the best you can do is per-user passwords, strong passwords,
correctly set permissions, and policies (human policies, not computer
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030328/66122b2f/attachment.bin
More information about the samba