[Samba] Samba4 LDAP ACLs - access to POSIX attributes from a non-admin account

Rob McCorkell xenopathic at gmail.com
Sun Dec 16 02:38:53 MST 2012


Sorry for the late reply - was running it through testing in our 
environment. But so far it seems to be working a treat! Thanks for this, 
much appreciated.

Rob

On 15/12/12 16:42, Thomas Simmons wrote:
> Hello Rob,
>
> You can enable anonymous binding to AD by creating the attribute 
> "dsHeuristics" with a value of "0000002001001" under the DN:
> CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration
>
> The Microsoft instructions mention below mention using the ADSI Edit 
> tool on Windows, but it can be done with any LDAP editing tool. I just 
> tested this on S4 and it appears to work.
>
> See: http://technet.microsoft.com/en-us/library/cc816788(v=ws.10).aspx 
> <http://technet.microsoft.com/en-us/library/cc816788%28v=ws.10%29.aspx>
>
>


More information about the samba mailing list