[Samba] Samba 4 "Trigger" when user is created???

Rowland Penny rowlandpenny at googlemail.com
Fri Nov 14 14:12:29 MST 2014

On 14/11/14 20:41, John Yocum wrote:
> On 11/14/2014 12:23 PM, Greg Zartman wrote:
>> On Fri, Nov 14, 2014 at 1:40 AM, Andrew Bartlett <abartlet at samba.org> wrote:
>>> I agree we can improve in this area.  We wouldn't match AD any more -
>>> all the servers would have to be matching Samba servers - but we should
>>> do better.  Ideally we would re-use the existing option, to keep things
>>> consistent.
>> Thanks for the insight Andrew.
>> It would seem that the best way for a project like SME Server to deal with
>> this in the short term is to block RSAT management of the Active Directory.
>> We really can't have half baked users showing up on the system.  Others
>> have suggested scanning the AD and checking for new users ever so often,
>> but this just doesn't seem like a solution.
> I don't think you can just block a couple ports without breaking a bunch
> of stuff. Active Directory Users and Computers appears to use ports 389
> and 445. Both are which are necessary for AD to work.
I wondered when somebody was going to realise this, ADUC is just a GUI, 
a bit like a swan, gliding along serenely, but under the water, paddling 
like hell :-)
ADUC must work like samba-tool does, it connects to AD and alters it, 
just how are you going to stop that ????:-\


More information about the samba mailing list