[Samba] my protected AD, part 2

Stefan G. Weichinger lists at xunil.at
Thu Nov 8 11:22:45 UTC 2018

Am 07.11.18 um 09:57 schrieb Stefan G. Weichinger via samba:
> Some may remember my thread a few months ago, I asked how to set up a
> somehow protected AD:
> I run 2 servers for a department of a company.
> They have a ADS Domain BIGCOMPANY and we want and have to deny access to
> their admins ... although it would be comfortable to run the 2 sambas as
> domain member servers (password policies from upstream etc)
> So I am NOT admin in their domain but have to make sure that only the ~5
> users of the department can access the shares on my sambas.
> ok there is "valid users" per share ... and the linux root user is
> completely separate anyway.
> Would that be enough?


does someone have a clever script to regenerate passwords on a
standalone server?

I'd like to run it via cron once a month ... just to comply to upstream
requirements to rotate passwords ...

More information about the samba mailing list