smeserver/smeserver-samba
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* Thu Nov 14 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-8.sme

Browse Source 
- disable access to list of users without being logged in [SME: 12765]
This commit is contained in:
Jean-Philippe Pialasse
2024-11-14 08:54:40 -05:00
parent 91e94fa6df
commit 452d0ba960
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
root/etc/e-smith/templates/etc/smb.conf/11anonymous
View File

@@ -1,8 +1,8 @@
{
# 0 allows to retrieve the list of users without being logged on the domain
# 1 will disable anonymous SAMR access.
# 2 will, in addition to restricting SAMR access, disallow anonymous connections to the IPC$ share in general.
# 1 will disable anonymous SAMR access. (including user enumeration)
# 2 will, in addition to restricting SAMR access, disallow anonymous connections to the IPC$ share in general. (preventing login to smb PDC)
# The option also affects the browse option which is required by legacy clients which rely on Netbios browsing.
# While modern Windows version should be fine with restricting the access there could still be applications relying on anonymous access.
}
restrict anonymous = 2
restrict anonymous = 1