[cifs-protocol] How to determine if an account should use AES?
abartlet at samba.org
Tue Aug 18 00:00:59 MDT 2009
On Fri, 2009-08-14 at 11:40 -0700, Sebastian Canevari wrote:
> Hi Andrew,
> I've been investigating this and I'm still discussing with the product group what would be the best way to better detail this process.
> As explained in the document, the KDC will rely on the AD property msDS-SupportedEncryptionTypes.
> Now, if the property is not populated by the server or service, then the KDC will default to RC4 which is the legacy type.
So, the outstanding question is: what would normally populate that
> With respect to the NETLOGON_DOMAIN_INFO, Matthieu is working with Obaid on that section and I believe Obaid is sending him his response shortly.
I have to say, I'm not the wiser from Obaid's answer. Sorry.
Perhaps you could spell it out a bit more clearly?
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
More information about the cifs-protocol