[Samba] rename Administrator account
Marc Muehlfeld
mmuehlfeld at samba.org
Sat Mar 18 14:21:05 UTC 2017
Am 17.03.2017 um 15:52 schrieb Bart Coninckx via samba:
> Renaming the admin account in Windows server context is a
> popular measure to make the network more safe.
>
> Can we do this also in Samba 4? Are there any negative consequences?
Sure you can rename it. Being a member of the right groups decite what
an account can do.
However, I don't understand how renaming the admin account improves the
security. For example, every domain user can easily find out who is a
member of the "Domain Admins" group:
> dsquery group -name "Domain Admins" | dsget group -members
"CN=DomAdm,CN=Users,DC=samdom,DC=example,DC=com"
Regards,
Marc
PS. By the way talking about "Samba 4" can be misleading. It's better if
you use the terms "Samba AD", "Samba NT4 domain", "Samba standalone
server", "Samba domain member", etc. depending on what you are talking
about. Samba 4 can act as all of them.
More information about the samba
mailing list