Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 9.x
  4. Topic: SME 9 as a PDC
« previous next »
Pages: 1 [2]  All   Go Down

SME 9 as a PDC

  • 19 Replies
  • 5157 Views

Offline michelandre

  • *
  • 261
  • +0/-0
Re: SME 9 as a PDC
« Reply #15 on: June 25, 2016, 10:27:38 PM »
Hi all,

Thank you Stefano for your comment.

Can I ask you how you stop them from installing in their home directory?

Michel-André
Logged

Offline Stefano

  • *
  • 10,894
  • +3/-0
Re: SME 9 as a PDC
« Reply #16 on: June 27, 2016, 10:22:46 AM »
I'd do some tests, but nowadays many apps are able to install themselves on user's homedir without high privileges..

in W2000/WXP there was the possibility to use poledit to create some kind of group policy configuration to be loaded on the client via logon script, now M$ changed so many things and (IIRC) this approach is not supported anymore

I suggest you to install on M$ client a sw that redirects all system events to SME's syslog and then parse every night logs looking for what you don't want users to do..

then, when you see that user jondoe installed something, a simple mail with "guy, I see you, please uninstall" is enough :-)
Logged

Offline michelandre

  • *
  • 261
  • +0/-0
Re: SME 9 as a PDC
« Reply #17 on: July 03, 2016, 01:57:42 AM »
Hi all,

The SME server 9.1 is a PDC
Local IP: 10.10.100.38
External IP: 100.100.100.100/255.255.255.0

Station: Windows // IP address 100.100.100.102/255.255.255.0

- I created a Shared Folder.
- The following settings control the access of this shared folder using the HTTP/HTTPS protocol.
  "Web Access"  =  Entire Internet (password required outside local network)
  "Force secure connections"  =  Enabled
 
PROBLEM
- With a Windows station, member or not of the domain.
- User, member or not of the domain.
- User with or without Permissions on the Shared Folder.
Any user can access directly the Shared Folder at URL http://server_external_IP/shared_folder_name without a password and download any file.
On access, the URL is changing from http: to https: so the other parameter Force secure connections is working properly.

It works exactly as Local network (no password required) but the station is on the external lan.

I think that this is not normal,

Michel-André
Logged

Offline janet

  • *****
  • 4,812
  • +0/-0
Re: SME 9 as a PDC
« Reply #18 on: July 03, 2016, 02:19:07 AM »
michelandre

Quote
Any user can access directly the Shared Folder at URL http://server_external_IP/shared_folder_name without a password and download any file.
.....It works exactly as Local network (no password required) but the station is on the external lan.

What is an external LAN ? Users need to be on the external WAN.
Are they really accessing from an external location ?

Quote
I think that this is not normal...

If so then lodge a bug report (I suppose against the contrib).
Logged
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline michelandre

  • *
  • 261
  • +0/-0
Re: [Resolved] SME 9 as a PDC
« Reply #19 on: July 04, 2016, 02:42:30 PM »
Hi all,

Thanks to Daniel B. all is resolved.

For the Shared folder problem:
In Server Manager, I remove the network of the station from "Security / Remote access / Remote Management" and all is working fine.

Michel-André
Logged
Pages: 1 [2]  All   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 9.x
  4. Topic: SME 9 as a PDC