[Samba] anonymous ldap search, how disable it?
Rowland Penny
rpenny at samba.org
Wed Jul 3 17:36:22 UTC 2024
On Wed, 3 Jul 2024 21:52:39 +0500
Anton Shevtsov via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I tried ldap anonymous search in samba.
>
> Downloaded kali linux, run
>
> enum4linux -a my.dc.domain
>
> and get all group, users, sids, rids... without any password o_O
I do not think you are using ldap there, unless you explicitly set
anonymous search in AD, you must supply a valid username & password, or
use kerberos.
Rowland
More information about the samba
mailing list