SambaBox Key Features
SambaBox offers the most comprehensive and reliable directory solution
Installation
SambaBox is distributed as a sofware appliance. You don't need any OS, hardening or performance optimization. Just install the single ISO image on your virtual or bare metal environment.
Management Interface
SambaBox offers unique web based management interface. The web interface provides ease of management and allows system administrators to connect to the system comfortably and securely from any environment like tablets and mobile phones.
Security
SambaBox is designed as a secure stack. It is tested against attacks regularly and is certified. Also SambaBox is a part of Mitre CVE Program under Profelis CNA. Upgrades include all components like OS, Management Software and Profelis-Samba.
All in One Stack
SambaBox provides all of the required components like DC, DNS, DHCP, NTP, CA, SNMP, Log Forward etc. SambaBox also has its own tools which are normally offered by third parties on MS-AD environment, like advanced reporting and advanced user management tools.
Web Based GPO Editor
SambaBox has Web Based GPO Editor which is directly and fully compliant with MS-AD. The GPO Editor also supports Registry Objects. The GPO Editor supports more than 3.000 rules. Which includes Google Chrome as well. This web based editor allows administrators to: 1. Create GPO 2. Edit GPO and Registry object 3. Delete GPO
Offline Upgrade
Directory services have a critical role in every organization. Most of the enterprise organizations do not prefer to connect their directory service to internet directly. SambaBox is designed to serve high secure internal networks. With this purpose, upgrade operations are also designed to be fully offline.
Certificate Authority - CA
SambaBox has a built-in Certificate Authority (CA) structure that performs and certifes digital signatures. Its role is to provide a certification service by signing public keys with its own secret keys.
Sites & Subnets
SambaBox can manage multiple sites and subnets. Large organizations mostly divide their directory structures to sites to manage their assets properly. This is a logical link between two sites in directory structure. Replication between sites is controlled by link topology.
LAPS Support & Custom Attributes
Local Administrator Password Solution (LAPS) is one of the main requirements in enterprise organizations. LAPS needs to change some of the schema attributes. This requirement is met by the built-in features of SambaBox. Managed LAPS computers' passwords can be retrieved by authorized administrators and the password expiricy date can be extended if required. Other custom attributes can also be created via SambaBox GUI.
Auto Disable Inactive Accounts
SambaBox offers auto disable inactive acounts option. With help of this operation you can easily secure your directory service against attackers. You can appliy different inactive days to different OUs. With the help of Password Policy settings this operation completes most of the user secuirty complience requirements.
Password Policy
SambaBox offers one of the most Advanced Password Policy on the market. Password Policy has three parts: 1. Password Policy Information for MS-AD requirements 2. Password Settings Objects (PSO) to apply different settings to set of users. 3. Blacklist based on keywords and/or Regular Expressions
More Than Samba Code
SambaBox was developed by Profelis, specifically based on the open source Samba codes. The SambaBox team adds its own patches on top of it to operate trouble-free for all clients. There are three types of patches added by The SambaBox team: 1. Intentionally breaks RFC to be compatible with MS-AD. 2. Boosting the performance. 3. Adding more functionality and bug fix.
Bi-Directional Replication
It is designed to perform bi-directional data transfer as a DC at the same level as the other SambaBox and Microsoft AD servers. SambaBox replicates schemas and its data with other SambaBox and Microsoft AD servers. Administrators are secure to use hybrid infrastructure or demote Microsoft AD from the directory after migration.
Role Base Access Control - RBAC
SambaBox GUI has Role Based Access Control capability. Administrators can create groups according to need to know security principle. For auditors there is read-only option for every input button. All of the user activities are recorded so you can get detailed reports about user actions and the field value details with masked password fields.
OU Based Authorization
For large organizations, administrator responsibilities can be group by Organizational Units (OU). After SambaBox 4.2, OU based authorization was introduced to cover this need. Administrators can be assigned to manage different OU's. This privilege is different than RBAC.
Bulk Import & Update Operations
SambaBox has a great ability to perform bulk operations. Bulk operations save time for administrators and automate the user operations. For new domains with large amount of users creations, bulk password changes, OU assignments and more operations can be done using CSV templates.
Single Sign On
For large organizations, administrator responsibilities can be groupED by Organizational Units (OU). With SambaBox 4.2, OU based authorization has been introduced to cover this need. Administrators can be assigned to manage different OU's. This priviledge is different than RBAC.
Reporting
SambaBox has more than twenty built-in reports for common requirements. Reports section also has custom reports editor which allows administrators to create their own re-usable reports. AAdministrators have options to receive report as e-mail or download it as PDF, XLS and CSV files.