[Samba] Access to ldb with simpleSecurityObject
qgibeaux at iris-tech.fr
Fri Jul 4 06:50:59 MDT 2014
On 04/07/2014 13:04, Andrew Bartlett wrote:
> On Mon, 2014-06-30 at 12:05 +0200, Quentin Gibeaux wrote:
>> I'd like to use simpleSecurityObject (that aren't 'user') to manage
>> entries from cron, cgi and so on, without allowing this user to login on
>> windows clients, samba shares, etc. I'm afraid that won't be possible,
>> but i might be wrong.
> No, it's not possible in Samba. A user is a user, as far as AD is
> Andrew Bartlett
Thanks for the answer.
So how can I limit rights for a specific user ? I've already denied the
rights of this ldb-only user with gpo (can't connect on machine) and
smb.conf (invalid -user = someone), but he might still access to some
services : I'd prefer to express the allows rather than the denies .
There's no right like «rw to ldb objects» that can be set somewhere (in
AD or conf) ?
More information about the samba