On Sun, 2005-10-02 at 13:09 +0200, Florian Effenberger wrote: > Hello, > > I run Samba 3.0.20a with Windows XP Professional SP2 client. I found out > that when a normal (i.e. not domain administrator) user runs the old > Windows NT 4 user client, it can retrieve the whole list of usernames > and fullnames. > > Can that be prohibited in any way?
Not without breaking functionality. See, any user should be able to run the ACL editor, and assign rights to users and groups. You could modify code to lock this down, but I would be worried about the consequences, as well as what other mean (direct LDAP query, for example) you would also need to lock down. I know this is difficult in strict privacy environments. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc. http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
