diff options
| author | Alexander Bokovoy <ab@samba.org> | 2020-11-11 18:50:45 +0200 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2021-11-08 10:52:10 +0100 |
| commit | 39cf01d0d26608065dc071d58fea4cfd8d51bf02 (patch) | |
| tree | 790aa2a6c65129451b49d6cb69c55cd6e537abf4 /docs-xml | |
| parent | e8e0bea9b333315ec1ff9eb1d36d4e810ca95941 (diff) | |
| download | samba-39cf01d0d26608065dc071d58fea4cfd8d51bf02.tar.gz | |
CVE-2020-25717: Add FreeIPA domain controller role
As we want to reduce use of 'classic domain controller' role but FreeIPA
relies on it internally, add a separate role to mark FreeIPA domain
controller role.
It means that role won't result in ROLE_STANDALONE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'docs-xml')
| -rw-r--r-- | docs-xml/smbdotconf/security/serverrole.xml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/serverrole.xml b/docs-xml/smbdotconf/security/serverrole.xml index 9511c61c96d..b8b83a127b5 100644 --- a/docs-xml/smbdotconf/security/serverrole.xml +++ b/docs-xml/smbdotconf/security/serverrole.xml @@ -78,6 +78,13 @@ url="http://wiki.samba.org/index.php/Samba4/HOWTO">Samba4 HOWTO</ulink></para> + <para><anchor id="IPA-DC"/><emphasis>SERVER ROLE = IPA DOMAIN CONTROLLER</emphasis></para> + + <para>This mode of operation runs Samba in a hybrid mode for IPA + domain controller, providing forest trust to Active Directory. + This role requires special configuration performed by IPA installers + and should not be used manually by any administrator. + </para> </description> <related>security</related> |