[Samba] [Samba as AD] ACLs on LDAP attributes?

mathias dufresne infractory at gmail.com
Tue Jun 28 13:07:02 UTC 2016

Hi all,

We are thinking to hide some attribute contents to almost everyone but
those we decide they can read it. It is possible with real LDAP servers as
OpenLDAP but is it with LDAP server shipped with Samba 4 working as AD?

About accessing the whole tree I believe that Samba as AD refuses any
unauthenticated query. Is that true? I did tested that but my search could
be wrong or perhaps the default configuration makes authentication
necessary but this configuration could be changed. In that case I would
know how to change that behaviour to avoid changing it by mistake : )

Best regards,


More information about the samba mailing list