[Samba] Winbind not respecting GPO based access restrictions?

dmulder at samba.org dmulder at samba.org
Tue Sep 6 14:00:46 UTC 2022

On 9/6/22 7:59 AM, Patrick Goetz via samba <samba at lists.samba.org> wrote:
> Thanks, David. So, a couple of things, given that I know for a fact that 
> Windows admins expect to be able to use security groups to restrict host 
> access:
> I reiterate that sssd is consequently absolutely necessary in an 
> enterprise context when using Samba, particularly with Windows DCs, and 
> it would be helpful to have a Wiki page discussing such an integration. 
> I'm no longer working with Samba in this context (domain users >> people 
> who should have access to file server), or I would do it myself.

We have access controls, just not via that specific mechanism.

> It would be super useful to have a Wiki page detailing exactly what 
> domain group policy features have been implemented. This would help 
> prevent situations like the one I went through a few months ago where I 
> was blind-sided by not being able to use domain GPOs for access 
> restriction.

There is one:

David Mulder

More information about the samba mailing list