[Samba] samba4 anonymous ldap search
Andrew Bartlett
abartlet at samba.org
Thu Jan 30 16:18:16 MST 2014
On Fri, 2014-01-17 at 14:49 +0100, mourik jan heupink wrote:
> Hi,
>
> I found some discussion here in 2010 about allowing/disallowing
> anonymous ldap access in samba4, however, nothing much recent comes up.
>
> I see that my samba4 does not allow anonymous access. Is there a way to
> enable it in samba4, like the way we had it with samba3/openldap?
>
> (we restricted access to sensitive info, but allowed anon search access
> to many user details like mail addresses, etc, etc)
While there are many good reasons to do or not do this, Samba follows
AD, including honouring the dsHuristics flag for this.
http://support.microsoft.com/kb/326690
However, it is better to authenticate, and Kerberos if used correctly
can make that transparent.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list