[Samba] Active Directory

Joshua Schmidlkofer menion at asylumwear.com
Tue Oct 21 22:02:59 GMT 2003


On Tue, 2003-10-21 at 14:00, Jeremy Allison wrote:
> On Tue, Oct 21, 2003 at 01:51:39PM -0700, Joshua Schmidlkofer wrote:
> > You have to change some security settings in Windows 2003, by default it
> > requires packet signatures, etc.  Other people here are more qualified
> > than me.  However, here are the changes that I made:
> > 
> > In AD: [Default Domain Controller Policy, and possible the local policy
> > on the domain controllers]
> >  
> >   Disable:  Digitally Sign Communication (always)
> >   Disable:  Digitally Encrypt Secure Channel Data (always)
> >   Disable:  Require Windows 2000 (or greater) strong key
> 
> No, you don't have to do this for Samba3 - we support signing out of
> the box (modulo a couple of minor bugs which Stefan and I have just
> fixed in CVS :-).
> 
> Jeremy.


*grin* Sorry... Since he didn't specify what version he was using, I
thought that he was using 2.2.  *oops*.  

So in the mean time should I disable Signing? I use RedHat, and I am in
the middle of the hideous and horrible replacing Kerb.  Oh god, the
horror, the horror in Rh9.  

js






More information about the samba mailing list