Different parameters in Samba 3 and Samba 4
Andrew Bartlett
abartlet at samba.org
Tue Oct 21 23:10:38 GMT 2008
On Tue, 2008-10-21 at 15:10 +0200, Jelmer Vernooij wrote:
> I had a look at what parameters are only present in Samba 3 and not
> Samba 4 and the other way around.
>
> Here is the list - lines with - are what's in Samba 3, + is what's in
> Samba 4.
> + client use spnego principal = No
This is the option that I discussed a couple of months ago, but failed
to get a chance to implement for Samba3. Setting this to 'no' in Samba4
avoids a class of kerberos man-in-the-middle attacks, and I need to work
with folks to implement this in Samba3.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20081022/d3fd09fd/attachment.bin
More information about the samba-technical
mailing list