I'm needing to prevent null sid enumeration for pci reasons. It's a samba pdc
that authenticates against an openldap backend. I restrict anonymous set to 1
but I'm still able to pull sid's using cain. I've set it to 2, but as you might
expect, no one could login via windows. On the ldap end, I restricted sambaSID
attributes from being shown when searching anonymously, but that didn't help.
What else can I do to prevent null sid enumeration?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
