[PATCH] lib/param: Consolidate code to enable smb signing on the server, always enable on AD DC

Stefan (metze) Metzmacher metze at samba.org
Tue Apr 8 05:40:20 MDT 2014

Am 07.04.2014 01:11, schrieb Andrew Bartlett:
> On Fri, 2013-11-22 at 13:24 +0100, David Disseldorp wrote:
>> On Fri, 22 Nov 2013 14:43:34 +1300
>> Andrew Bartlett <abartlet at samba.org> wrote:
>>> I tried an autobuild with another patch, and that passed.  So I tried with just
>>> this patch, and that autobuild passed too, which doesn't provide me with any more insights
>>> on this.  
>>> Do you think we should dare to try an official autobuild again?
>> I pushed again. It made it through this time.
>> Cheers, David
> I'm wondering if this is the kind of change we can make during the 4.0
> and 4.1 series?  It would be good to be able to rely on SMB signing
> against AD DC servers, but unless we apply this patch Samba 4.0 and 4.1
> will be exceptions to that unless SMB2 is used. 

So what is the actual problem here?

> But on the flip side, it changes default values during a release train,
> and I know that is something we generally don't do.

I don't think we have to change the defaults...
The correct FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED handling should be


More information about the samba-technical mailing list