[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: smbk5pwd and ppolicy working together

Adam Tauno Williams wrote:
Is your Samba server binding as your manager/admin DN?  Don't do that,
ever.   Create a bind context for Samba and use ACLs to give that
context the access it requires.   I don't know if it will fix Samba
+ppolicy but it is the correct thing to do either way.

Correct. As the slapo-ppolicy(5) manpage states, the admin DN bypasses most policy restrictions.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/