[Samba] DM: samba 4.5 -> 4.8, guest access and machine account access troubles.

L.P.H. van Belle belle at bazuin.nl
Fri Sep 28 15:17:38 UTC 2018

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Marco Gaiarin via samba
> Verzonden: vrijdag 28 september 2018 17:04
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] DM: samba 4.5 -> 4.8, guest access and 
> machine account access troubles.
> Mandi! L.P.H. van Belle via samba
>   In chel di` si favelave...
> Ahem, i come back here.
> > > I'm simply asking why the behaviour changed between 4.5 and 4.8...
> > This somewhere started in 4.6.
> > These changes where needed due to security leaks. 
> > See: 
> > https://www.samba.org/samba/history/security.html 
> > 24 May 2017 and up. 
> I've read all security announcments from 24 May 2017 and up, but found
> nothing that seems me relevant (eg, found nothing abount guest access,
> user mapping, default domain or something like these).

Ow, but i did mean almost all these CVE are related. 
There where just to many things to lookup and go through all the code changes. 

There was also a problem with mapping DOMIN\user to user 
Its just to many to go through all these changes...
Maybe Rowland memory is better here.. 

> > If i could make it better for you i would, but it is as it is. 
> And really still i don't understood why 'winbind use default 
> domain = yes'
> could not apply only to 'current' domain (eg workgroup = LNFFVG), as,
> seems to me, say the manpage (and as was before).

This, i dont know, but its weekend now and my brains are powering off..  
Only 2 people left in the office here... Im closing now ... 

I'll have a good look after the weekend, if nobody else got you an decent answer.



More information about the samba mailing list