[Samba] improving gpo application security

Marcos Ariel Negrini mnegrini at afip.gob.ar
Tue Sep 7 12:39:03 UTC 2021


First of all, apologise for my English, and I hope you can understand my 
I have been analysing the security offered by GPO's application, I read 
several articles such as 
and it is clear that the use of GPO's is not intended to distribute 
critical data.
I'm trying to improve the security of sysvol (e.g. users without special 
privileges cannot browse and download the content of sysvol or netlogon) 
and the comunication protocol used by the GPO (encrypt from the server 
to the workstation).
Is there any implementation you recommend that would improve the 
security of the information stored in sysvol and its comunication 
between AD servers and workstations?

Thank you very much.


More information about the samba mailing list