NTLM-500 — NTLM-related communication with an AD controller should be limited
NTLM authentication requires a Samba server running on the Kernun system. A proxy passes a NTLM authentication request to the Samba server, which communicates with the AD domain controller. By default, Samba opens a network socket on each network interface. For security reasons, opening of network sockets should be limited (by NTLM-AUTH.INTERFACES) to the interface used for communication with the AD domain controller.