similar to: zerologon affect standalone smb server or not

On 19/09/2020 14:00, Rowland penny via samba wrote: > > On 19/09/2020 13:42, Michael Wandel via samba wrote: >> Hello ML, >> >> are there information about the CVE-2020-1472 , whether this bug also >> infects samba Server without DC configuration (standalone smb Server) ? >> >> I'll did not find any information in the short time and can not decide

Release Announcements --------------------- These are security releases in order to address the following defect: o CVE-2020-1472: Unauthenticated domain takeover via netlogon ("ZeroLogon"). The following applies to Samba used as domain controller only (most seriously the Active Directory DC, but also the classic/NT4-style DC). Installations running Samba as a file server only are

Release Announcements --------------------- These are security releases in order to address the following defect: o CVE-2020-1472: Unauthenticated domain takeover via netlogon ("ZeroLogon"). The following applies to Samba used as domain controller only (most seriously the Active Directory DC, but also the classic/NT4-style DC). Installations running Samba as a file server only are

Hi, I saw https://blog.rapid7.com/2020/09/14/cve-2020-1472-zerologon-critical-privilege-escalation/ and https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 today and I am wondering what impact if any this has on samba AD domains in particular and samba in general? Is samba using the "vulnerable Netlogon secure channel connection"? Will samba continue to

Release Announcements --------------------- This is the first stable release of the Samba 4.13 release series. Please read the release notes carefully before upgrading. ZeroLogon ========= Please avoid to set "server schannel = no" and "server schannel= auto" on all Samba domain controllers due to the wellknown ZeroLogon issue. For details please see

Release Announcements --------------------- This is the first stable release of the Samba 4.13 release series. Please read the release notes carefully before upgrading. ZeroLogon ========= Please avoid to set "server schannel = no" and "server schannel= auto" on all Samba domain controllers due to the wellknown ZeroLogon issue. For details please see

Hello, I'm using a Samba 4 as domain server and I've a lot of Windows computers that mounts shared drives on another server through GPO applied by user groups. Is there any way to do something similar on a Linux box, or I've to use a local script? Thanks! -- _________________________________________ Daniel Carrasco Marín Ingeniería para la Innovación i2TIC, S.L.

I have a new problem. I'm currently running Samba4 4.4.16 as an AD/DC. I've been running this AD/DC for several years now. I am using redirected folders. Up to now, domain users logging onto any domain member Windows workstation would get their desktop. Recently I discovered that users now only get their desktop on their "usual" workstation, and the Desktop Target is in fact

I tried this. When im creating a folder directly on server, the sticky bit is working. But it does not work when im doing it from windows. # ls -l drwxrws---+ 7 root stickygroup 4096 Mär 5 14:44 00_stickygroup/ Best regards Micha Am 05.03.2018 um 14:15 schrieb Michael Wandel: > IMHO you can use the posix sgid bit.

> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: woensdag 11 oktober 2017 11:39 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Using GPO to mount shares on Linux > > On Wed, 11 Oct 2017 11:00:59 +0200 > Michael Wandel <m.wandel at t-online.de> wrote: > > >

Thanks for the replies. The tool that we used for testing the security vulnerability is "Nessus". I have glibc version 2.17-78.el7, I saw that CVE-2015-0235 (Ghost) is fixed in this version and I want to apply patch for the vulnerbailities CVE-2015-1472 & CVE-2015-1473. Can you please help me in finding the right version that has fixes for these? Thanks On Sat, Apr 25, 2015 at

I am not sure how to determine the separator, but 'which' shows "/usr/bin/ntlm_auth". I already ran it while on-site. Since it is broken, I cannot remote in. I will have to show up on-site again, possibly Thursday. Lead IT/IS Specialist Reach Technology FP, Inc On 10/27/2015 01:41 PM, Michael Wandel wrote: > Hey, > > On 27.10.2015 17:53, Ryan Ashley wrote: >>

Hi, I just started to set up a test ldap server and followed some tutorials. One topic is the tuning/monitoring of the bdb. So I installed the db4-utils and executed a "db_stat -h /var/lib/ldap/ -m". The answere is no stat, but: db_stat: Program version 4.3 doesn't match environment version db_stat: DB_ENV->open: DB_VERSION_MISMATCH: Database environment version mismatch The

Hi, i'm searching for best practice in configuration a dual head nfs / samba server. At the moment samba 3.6.x is used, an yes i'll know it is EOL. We have the problem if the windows client open a file, the aix nfs client doesn't recognize the lock and overwrite the file. Is there a solution for this or is this the hell of nfs locking ;-) best regards Michael -- Michael Wandel

Dear openssh developers, can you please check, whether the vulnerability of openSSL (CVE-2014-0224): http://www.openssl.org/news/secadv_20140605.txt openssh affects? Many thanks Van Cu Truong Tel.: +49 (211) 399 33598 Mobile: +49 (163) 1651728 cu.truongl at atos.net<mailto:cu.truongl at atos.net> Otto-Hahn-Ring 6 81739 M?nchen, Deutschland de.atos.net

Thank you, Rowland. I will be going by this afternoon and I will check. The thing is, if it IS "\", how do I enter that into the pptp-options file? The entire list of parameters are in quotes, so do I need a double-backslah or anything? Lead IT/IS Specialist Reach Technology FP, Inc On 10/27/2015 05:21 PM, Rowland Penny wrote: > On 27/10/15 21:05, Ryan Ashley wrote: >> I am

On Tue, 27 Mar 2018 13:38:56 -0400 Mark Foley wrote: > > On Mon, 26 Mar 2018 08:08:53 +0200 Michael Wandel <m.wandel at t-online.de> wrote: > > > > Am 26.03.2018 um 06:31 schrieb Mark Foley via samba: > > > As a normal user, I want to change my Domain Password. I've tried: > > > > > > $ samba-tool user setpassword myuserId

Hey, we are using rhel7 with samba and winbind packages from redhat. it is a fileserver joined to samba 4 domain. os: rhel7.4 samba-winbind-4.6.2-12.el7_4.x86_64 samba-winbind-clients-4.6.2-12.el7_4.x86_64 samba-winbind-modules-4.6.2-12.el7_4.x86_64 approx. 350 clients approx. 10000 open files see attached stripped smb.conf the following problem exist: after a time (several hours) the

I have built Samba4 4.1.5 from sources and provisioned as standalone server. I don' t need to act Samba4 as DC. I need fully working server, including shares access, network neighborhood browsing, LDAP (I suupose it should be anyway by default) . What values should be added to smb.conf, in particular to server services ? Is dcerpc endpoint servers parameter necassary ? What daemons should be

Release Announcements ===================== This is the sixth release condidate of Samba 4.13. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.13 will be the next version of the Samba suite. SECURITY ======== o CVE-2020-1472: Unauthenticated