[Samba] Samba 4 Restrict User Create
Marc Muehlfeld
mmuehlfeld at samba.org
Sat Nov 15 06:57:20 MST 2014
Hello Greg,
Am 14.11.2014 um 21:11 schrieb Greg Zartman:
>>> What if I want to restrict user creation to only the server where samba
>> is running?
>>
>> This isn't very specific. Can you give a concrete example, please?
>>
>
> I would like to restrict create user to only the Samba AD DC machine.
Active Directory is a multi direction replicating database. All changes
done on one DC in the AD, are replicated to all other DCs. So why you
want to limit?
> One option is to block the port of RSAT so that it can't talk to Samba, but
> it would be better if we could restrict such access within Samba itself.
RSAT uses LDAP (389/tcp) to talk to the DCs. If you block that port,
then your complete AD would not work (domain logons, replication etc.)
I still don't understand, what the goal is, you want to reach with your
request.
Regards,
Marc
More information about the samba
mailing list