NTLM-501 — NTLM-related communication should be limited by INTERFACE or NETWORK
NTLM authentication requires a Samba server running on the Kernun system. A proxy passes a NTLM authentication request to the Samba server, which communicates with the AD domain controller. By default, Samba opens a network socket on each network interface. For security reasons, opening of network sockets should be limited (by INTERFACE or NETWORK in NTLM-AUTH.INTERFACES) to the interface used for communication with the AD domain controller.