is not set in the [global] section of your smb.conf.
+
+
- CVE-2018-1057
+
+
Revoke the change passwords right for 'the world' from all user objects
+
(including computers) in the directory, leaving only the right to
+
change a user's own password.
Impact
+
A remote attacker is able to change other users passwords on a Samba 4 AD DC or perform a denial of service attack by sending a specially crafted request to the spoolss service.