> But now there is a real problem. There is a domain user root. If the > domain is present, we can login to the client with putting simple > "root" as a username, and using domain password. And we are actually > getting uid 0, so we are real root, not just dorm user with > funny-looking username. > Of course this behaviour is great for normal (unprivileaged) user > account, but not for root account. > So, domain operators can have root domain acocunt and this way get > root acces to all linux boxes with this setup. > > Does anyone know how can I stop it? > I'll post configs if requested, but maybe it is just a simple problem...
man slapd-access -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba