diff options
| author | Alexander Bokovoy <ab@samba.org> | 2020-11-11 18:50:45 +0200 |
|---|---|---|
| committer | Jule Anger <janger@samba.org> | 2021-11-09 19:45:33 +0000 |
| commit | e2d5b4d709293b52112d078d6fcde95593d790c5 (patch) | |
| tree | 5913a1da26d2a90cdb1a1ce8ffaeae2ef872b674 /docs-xml | |
| parent | 57abb7f8f8884f52f1d194c5c74e067aecd0d3dd (diff) | |
| download | samba-e2d5b4d709293b52112d078d6fcde95593d790c5.tar.gz | |
CVE-2020-25717: Add FreeIPA domain controller role
As we want to reduce use of 'classic domain controller' role but FreeIPA
relies on it internally, add a separate role to mark FreeIPA domain
controller role.
It means that role won't result in ROLE_STANDALONE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'docs-xml')
| -rw-r--r-- | docs-xml/smbdotconf/security/serverrole.xml | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/serverrole.xml b/docs-xml/smbdotconf/security/serverrole.xml index 9511c61c96d..b8b83a127b5 100644 --- a/docs-xml/smbdotconf/security/serverrole.xml +++ b/docs-xml/smbdotconf/security/serverrole.xml @@ -78,6 +78,13 @@ url="http://wiki.samba.org/index.php/Samba4/HOWTO">Samba4 HOWTO</ulink></para> + <para><anchor id="IPA-DC"/><emphasis>SERVER ROLE = IPA DOMAIN CONTROLLER</emphasis></para> + + <para>This mode of operation runs Samba in a hybrid mode for IPA + domain controller, providing forest trust to Active Directory. + This role requires special configuration performed by IPA installers + and should not be used manually by any administrator. + </para> </description> <related>security</related> |