[cifs-protocol] GUI and AD LDAP settings required to enable FAST

Stefan Metzmacher metze at samba.org
Tue Apr 27 08:18:33 UTC 2021

Am 27.04.21 um 08:31 schrieb Stefan Metzmacher via cifs-protocol:
> Hi Andrew,
> I think I looked at this document:
> https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831747(v=ws.11)
> It talks about the "KDC support for claims, compound authentication, and Kerberos armoring KDC"
> and "Kerberos client support for claims, compound authentication and Kerberos armoring"
> administrative template policies and 4 possible configurations.
> I used this to create the captures for this presenation:
> https://www.samba.org/~metze/presentations/2020/SambaXP/StefanMetzmacher_sambaxp2020_Modern_Kerberos-rev0-compact.pdf
> See slides 21-23. I can provide the raw captures with a keytab...

I uploaded the captures here:
I guess this was the one that finally worked:
wireshark >= 3.3.0 should be able to decrypt and dissect everything using


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20210427/e9bde6b1/OpenPGP_signature.sig>

More information about the cifs-protocol mailing list