Web lists-archives.com

[Samba] design question for small environment





Greetings samba-users

another "design issue" here

I run 2 servers in a very closed environment, basically it is only one fileserver, the 2nd does snapshots and backups etc

That server is configured as standalone and knows only ~6 local users. No ADS, no domain membership.

Think of a separated department in a company which has to be as disconnected from the company's IT as possible.

The users there wrote themselves a batch-script that connects their network shares, it contains cleartext passwords ... bad

Now they had a security audit and we should get rid of that batch file, sure.

I consider setting up an ADC for that one server overkill. And I wonder where they would keep their passwords then, it wouldn't change that.

And connecting to the company's AD isn't wanted because that would allow the "upstream IT" access to the protected server.

How do other admins solve that?
I'd appreciate any clever suggestions or examples.

greets, Stefan

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba