diff options
author | Alexander Bokovoy <ab@samba.org> | 2020-11-11 18:50:45 +0200 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2021-11-08 10:46:43 +0100 |
commit | c219b832d96b582aa5b81f0cec31ab432d6469e4 (patch) | |
tree | 5d5aef943ae21faacfad25db55dc0d3cf7fbbca1 /docs-xml | |
parent | cc1c47f1679b85c8860b2ee05c3f45b7b667ccef (diff) | |
download | samba-c219b832d96b582aa5b81f0cec31ab432d6469e4.tar.gz |
CVE-2020-25717: Add FreeIPA domain controller role
As we want to reduce use of 'classic domain controller' role but FreeIPA
relies on it internally, add a separate role to mark FreeIPA domain
controller role.
It means that role won't result in ROLE_STANDALONE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'docs-xml')
-rw-r--r-- | docs-xml/smbdotconf/security/serverrole.xml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/serverrole.xml b/docs-xml/smbdotconf/security/serverrole.xml index 9511c61c96d..b8b83a127b5 100644 --- a/docs-xml/smbdotconf/security/serverrole.xml +++ b/docs-xml/smbdotconf/security/serverrole.xml @@ -78,6 +78,13 @@ url="http://wiki.samba.org/index.php/Samba4/HOWTO">Samba4 HOWTO</ulink></para> + <para><anchor id="IPA-DC"/><emphasis>SERVER ROLE = IPA DOMAIN CONTROLLER</emphasis></para> + + <para>This mode of operation runs Samba in a hybrid mode for IPA + domain controller, providing forest trust to Active Directory. + This role requires special configuration performed by IPA installers + and should not be used manually by any administrator. + </para> </description> <related>security</related> |