[Samba] Snipe-IT ldap integration / Create read only user

Sébastien Le Ray sebastien-samba at orniz.org
Tue Jan 26 16:59:23 UTC 2016

Le 26/01/2016 14:09, Rowland penny a écrit :
> In which case it is easy, especially as the page you linked to has 
> 'Example'  above the user DN you posted.
> Using your favourite way of creating AD users, create a user, that's 
> it! The user will have read-only access to AD and read/write access to 
> its own AD object.
> You should be aware that the user, by default, will be created in 
> 'CN=Users,DC=example,DC=com' not in 'DC=example,DC=com' as shown on 
> the linked page

You may also add a GPO to prevent such users to log in by putting them 
in a specific group and list it in « prevent local login »/« prevent TSE 
login » (inaccurate translation)


More information about the samba mailing list