source3/libads/sasl,c provides for ADS_AUTH_ALLOW_NTLMSSP but there is no way to switch it on in the smb.conf
Richard Sharpe
realrichardsharpe at gmail.com
Thu Nov 19 20:37:02 UTC 2015
Hi folks,
We were wanting to test allowing NTLMSSP auth in SASL, but there is no
way to switch on the fallback in the smb.conf allowed here:
/* only fallback to NTLMSSP if allowed */
if (ADS_ERR_OK(status) ||
!(ads->auth.flags & ADS_AUTH_ALLOW_NTLMSSP)) {
return status;
}
} else
#endif
{
TALLOC_FREE(given_principal);
}
/* lets do NTLMSSP ... this has the big advantage that we don't need
to sync clocks, and we don't rely on special versions of the krb5
library for HMAC_MD4 encryption */
return ads_sasl_spnego_ntlmssp_bind(ads);
It that intentional?
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list