[Samba] Samba 4 Restrict User Create
mmuehlfeld at samba.org
Fri Nov 14 11:24:00 MST 2014
Am 14.11.2014 um 06:33 schrieb Greg Zartman:
> Is it possible to restrict where users can be created in a Samba 4 AD
You can use directory ACLs and delegations in ADUC, to set permissions
on the domain/OUs/etc.
> What if I want to restrict user creation to only the server where samba is
This isn't very specific. Can you give a concrete example, please?
If you are talking about a Samba AD DC: All AD users are stored inside
the AD. With that, they are domain/forest wide available - depending on
your Member Server/client configuration.
If you're talking about local users on Member Server: This is already
limited. Use privileges to define who is allowed to create local
accounts on Members.
More information about the samba