[Samba] Best practice for creating an RO LDAP User in AD...
Marco Gaiarin
gaio at sv.lnf.it
Tue Nov 7 17:23:46 UTC 2017
Mandi! Denis Cardon via samba
In chel di` si favelave...
Sorry, i came back on that a bit later...
> >Some other hint? For example, there's some way to disable logon for the
> >user, but have LDAP auth work as expected?
> You can put your service accounts in an OU and add a GPO that deny
> logon/services/tasks locally.
I've tried to google around a bit but i'm a bit confused. The thing
that seems to me what you are saying is:
https://4sysops.com/archives/deny-and-allow-workstation-logons-with-group-policy/
right?
> If you are using those account on a windows computer, you could use managed
> account [1] (I haven't tried it yet).
> [1] https://technet.microsoft.com/en-us/library/dd548356(v=ws.10).aspx
I'll keep for a future read. Thanks!
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list