Looks like there is no way to force Kerberos Auth with Samba?

Andrew Bartlett abartlet at samba.org
Tue Aug 27 19:02:19 MDT 2013


On Tue, 2013-08-27 at 20:58 -0400, simo wrote:
> On Tue, 2013-08-27 at 16:37 -0700, Richard Sharpe wrote:
> > Hi folks,
> > 
> > While LANMan auth is off by default in 3.6.x and above, at least, and
> > we can turn off NTLM auth, it does not look like we can turn off
> > NTLMv2 auth without code changes.
> > 
> > Does this sound correct?
> 
> I do not recall such an option, and it is not easy to find any spot in
> the code that would cause ntlmssp to be disabled, no.

Correct, there isn't an intentional option for this, yet.  It is
interesting that we have got to the point that kerberos-only is a
serious thing that folks want.  I've wanted such a day for a long time
(DIE, NTLM, DIE! ;-)

Andrew Bartlett
-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Catalyst IT                   http://catalyst.net.nz




More information about the samba-technical mailing list