[Samba] Samba 4 "Trigger" when user is created???
Rowland Penny
rowlandpenny at googlemail.com
Fri Nov 14 14:12:29 MST 2014
On 14/11/14 20:41, John Yocum wrote:
> On 11/14/2014 12:23 PM, Greg Zartman wrote:
>> On Fri, Nov 14, 2014 at 1:40 AM, Andrew Bartlett <abartlet at samba.org> wrote:
>>
>>> I agree we can improve in this area. We wouldn't match AD any more -
>>> all the servers would have to be matching Samba servers - but we should
>>> do better. Ideally we would re-use the existing option, to keep things
>>> consistent.
>>>
>> Thanks for the insight Andrew.
>>
>> It would seem that the best way for a project like SME Server to deal with
>> this in the short term is to block RSAT management of the Active Directory.
>>
>> We really can't have half baked users showing up on the system. Others
>> have suggested scanning the AD and checking for new users ever so often,
>> but this just doesn't seem like a solution.
>>
>>
>>
> I don't think you can just block a couple ports without breaking a bunch
> of stuff. Active Directory Users and Computers appears to use ports 389
> and 445. Both are which are necessary for AD to work.
>
I wondered when somebody was going to realise this, ADUC is just a GUI,
a bit like a swan, gliding along serenely, but under the water, paddling
like hell :-)
ADUC must work like samba-tool does, it connects to AD and alters it,
just how are you going to stop that ????:-\
Rowland
More information about the samba
mailing list