Looks like there is no way to force Kerberos Auth with Samba?
Richard Sharpe
realrichardsharpe at gmail.com
Tue Aug 27 21:32:11 MDT 2013
On Tue, Aug 27, 2013 at 8:24 PM, Jeremy Allison <jra at samba.org> wrote:
> On Wed, Aug 28, 2013 at 01:02:19PM +1200, Andrew Bartlett wrote:
>> On Tue, 2013-08-27 at 20:58 -0400, simo wrote:
>> > On Tue, 2013-08-27 at 16:37 -0700, Richard Sharpe wrote:
>> > > Hi folks,
>> > >
>> > > While LANMan auth is off by default in 3.6.x and above, at least, and
>> > > we can turn off NTLM auth, it does not look like we can turn off
>> > > NTLMv2 auth without code changes.
>> > >
>> > > Does this sound correct?
>> >
>> > I do not recall such an option, and it is not easy to find any spot in
>> > the code that would cause ntlmssp to be disabled, no.
>>
>> Correct, there isn't an intentional option for this, yet. It is
>> interesting that we have got to the point that kerberos-only is a
>> serious thing that folks want. I've wanted such a day for a long time
>> (DIE, NTLM, DIE! ;-)
>
> Shouldn't be too hard to add I think. After all it's
> just bailing out if we don't take the krb5 auth path..
Yeah. I just wanted to verify that there was no existing way to do it.
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list