[PATCH] Update 'restrict anonymous' in smb.conf.5 manpage
Denis Cardon
dcardon at tranquil.it
Wed Feb 6 17:31:17 UTC 2019
Hi Andreas,
>
> I had some questions about this options so I've looked at the code and updated
> the manpage accordingly.
>
> Review is much appreciated.
---
<value type="default">0</value>
---
It would be great if we could have this value switched to 2 by default
(at least for domain controllers).
SAMR Anonymous access is red flagged by vulnerability scanner as it
allows to get the list of domain users and groups without any
authentication. It sadly does not give a nice perception of Samba AD
when people forget to change it and then discover their blunder during
their next security audit :-)
Cheers,
Denis
>
> Thanks,
>
>
> Andreas
>
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint SĂ©bastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil.it
Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr
More information about the samba-technical
mailing list