[Samba] samba4 anonymous ldap search

Andrew Bartlett abartlet at samba.org
Thu Jan 30 16:18:16 MST 2014

On Fri, 2014-01-17 at 14:49 +0100, mourik jan heupink wrote:
> Hi,
> I found some discussion here in 2010 about allowing/disallowing 
> anonymous ldap access in samba4, however, nothing much recent comes up.
> I see that my samba4 does not allow anonymous access. Is there a way to 
> enable it in samba4, like the way we had it with samba3/openldap?
> (we restricted access to sensitive info, but allowed anon search access 
> to many user details like mail addresses, etc, etc)

While there are many good reasons to do or not do this, Samba follows
AD, including honouring the dsHuristics flag for this.

However, it is better to authenticate, and Kerberos if used correctly
can make that transparent.

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list