[cifs-protocol] GUI and AD LDAP settings required to enable FAST
abartlet at samba.org
Tue Apr 27 09:38:54 UTC 2021
On Tue, 2021-04-27 at 10:18 +0200, Stefan Metzmacher via cifs-protocol
> I uploaded the captures here:
> I guess this was the one that finally worked:
> wireshark >= 3.3.0 should be able to decrypt and dissect everything
Thanks so much metze.
Looking at packets 133 -> 156 I think I find the issue Gary was having,
which is that it looks like the Windows KDC doesn't advertise PA-FX-
FAST in an AS-REQ PREAUTH_REQUIRED error (RFC 6113 5.4.2).
Is my understanding correct? Do clients just need to know out-of-band
that FAST should be used? Is there any other easy way to tell that
FAST is configured correctly and operating?
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT https://catalyst.net.nz/services/samba
Samba Development and Support, Catalyst IT - Expert Open Source
More information about the cifs-protocol