[Samba] Prevent non domain computer to access samba shares.
sato x
garasi9 at gmail.com
Wed Dec 2 18:58:40 MST 2009
Hi,
I'd like to ask about security in samba. We have a couple of users that use
to login into their computer using local-user names, and then access samba
shares with samba users. Their computer had been joinned into the domain,
before they used their local admin privilleges to dislodge their computer
from the domain. Currently, those computers are still listed in the pdc, if
you'd ask me then.
In the slapd.conf (openpdc backend), we have this configuration:
access to attrs=userPassword,sambaLMPassword,sambaNTPassword
by dnattr=administrator write
by self write
by anonymous auth
by * none
access to *
by * read
Since this is a production server that we use for almost all authentication,
we cannot play with it. Do you guys know what we should do with our samba
file server? Thank you in advance.
Regards,
More information about the samba
mailing list