[Samba] new audit support in 4.9

Stefan Kania stefan at kania-online.de
Sun Oct 14 09:41:33 UTC 2018


Hello,
I tried to set up the new audit support options so I put the following
line in the smb.conf file of all my ADDCs:
------------------
# Global parameters
[global]
        netbios name = ADDC-02
        realm = EXAMPLE.NET
        server role = active directory domain controller
        server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
        workgroup = EXAMPLE
        interfaces = 192.168.56.152
        bind interfaces only = yes
        log level = 1 auth_audit:3 auth_json_audit:3
dsdb_password_audit:4 dsdb_password_json_audit:4 dsdb_group_audit:4
dsdb_group_json_audit:4

[netlogon]
        path = /var/lib/samba/sysvol/example.net/scripts
        read only = yes

[sysvol]
        path = /var/lib/samba/sysvol
        read only = yes

------------------
As you can see, I activated the log level. I tried it with log level 1,
2, 3, 4 and 5. But I only got outputs from auth_audit :-(. What else do
I have to do to see the changes to groups and the passwords?

Thanks
Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20181014/061d6f09/signature.sig>


More information about the samba mailing list