On Mon, Nov 26, 2001 at 10:03:38PM +1100, Gordon Rowell <[EMAIL PROTECTED]> wrote: > [...] > e-smith-samba-1.1.0-26 is in my contrib area: > > * Mon Nov 26 2001 Gordon Rowell <[EMAIL PROTECTED]> > - [1.1.0-26] > - Templated /etc/samba/smbusers > - Map "Administrator" for domain logons -> admin > - Note: a local (non-domain) logon still gets treated/ignored as guest > - The property smb|AdminstratorAccount (default Administrator) can be > used to specify an alternate Administrator account when that account is > renamed on the Win* clients
Thoughts on this? I've had comments that it is a small win, but potentially a big lose as it may allow Windoze viruses to have access to "admin" shares when they try to attack the "Administrator" account. That in itself is enough to back it out. The other problem is that "admin" will still be needed for the server-manager, so it's only a partial comfort zone improvement. I propose backing this out. If someone wants this map, they can add an smb.conf template fragment and create /etc/samba/smbusers. I propose deleting the existing 11usernameMap which was a comment until the above change. Gordon -- Gordon Rowell [EMAIL PROTECTED] VP Engineering Network Server Solutions Group http://www.e-smith.com Mitel Networks Corporation http://www.mitel.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
