[Samba] Winbind not respecting GPO based access restrictions?
dmulder at samba.org
dmulder at samba.org
Tue Sep 6 14:00:46 UTC 2022
On 9/6/22 7:59 AM, Patrick Goetz via samba <samba at lists.samba.org> wrote:
> Thanks, David. So, a couple of things, given that I know for a fact that
> Windows admins expect to be able to use security groups to restrict host
> access:
>
> I reiterate that sssd is consequently absolutely necessary in an
> enterprise context when using Samba, particularly with Windows DCs, and
> it would be helpful to have a Wiki page discussing such an integration.
> I'm no longer working with Samba in this context (domain users >> people
> who should have access to file server), or I would do it myself.
We have access controls, just not via that specific mechanism.
https://wiki.samba.org/index.php/Group_Policy#PAM_Access_Policies
>
> It would be super useful to have a Wiki page detailing exactly what
> domain group policy features have been implemented. This would help
> prevent situations like the one I went through a few months ago where I
> was blind-sided by not being able to use domain GPOs for access
> restriction.
There is one:
https://wiki.samba.org/index.php/Group_Policy
David Mulder
More information about the samba
mailing list