Tâche #28169
Scénario #27913: SETH DC : Conserver le même mapping RID - UID/GID entre tous les DC
Protéger l'AD Seth contre rpclient
100%
Description
Ajouter 'restrict anonymous = 2' dans les msb.conf des DC
Related issues
Associated revisions
Ajouter 'restrict anonymous = 2' dans les smb.conf
REF #28169
Ajouter 'restrict anonymous = 2' dans les smb.conf
REF #28169
Cherry-picked from eole-ad-dc:d1f8ed32
History
#1 Updated by Gilles Grandgérard about 4 years ago
sans le parametre :
rpcclient -U "" -N -c enumdomusers 192.168.232.6
user:[Administrator] rid:[0x1f4]
user:[Guest] rid:[0x1f5]
user:[krbtgt] rid:[0x1f6]
user:[admin] rid:[0x44f]
user:[ggrandgerard] rid:[0x453]
user:[luc] rid:[0x454]
user:[gilles] rid:[0x455]
user:[barco] rid:[0x457]
user:[dns-dc1] rid:[0x459]
user:[dns-dc2] rid:[0x641]
ajout parametre 'restrict anonymous = 2'
smbcontrol all reload-config
rpcclient -U "" -N -c enumdomusers 192.168.232.6
Cannot connect to server. Error was NT_STATUS_ACCESS_DENIED
> OK
rpcclient -P -N -c enumdomusers 192.168.232.6
> OK avec le compte de machine
#2 Updated by Gilles Grandgérard about 4 years ago
- Status changed from Nouveau to Résolu
#3 Updated by Gilles Grandgérard about 4 years ago
- Status changed from Résolu to Fermé
- Remaining (hours) set to 0.0
#4 Updated by Joël Cuissinat almost 4 years ago
- % Done changed from 0 to 100
- Estimated time set to 0.00 h
#5 Updated by Joël Cuissinat almost 4 years ago
- Related to Tâche #28670: Options à ajouter dans la configuration Samba du conteneur ADDC added
#6 Updated by Joël Cuissinat over 3 years ago
- Related to Tâche #29367: Correctif de sécurité samba (EOLE < 2.7.1) added