[Samba] Active Directory

Jeremy Allison jra at samba.org
Tue Oct 21 21:00:10 GMT 2003

On Tue, Oct 21, 2003 at 01:51:39PM -0700, Joshua Schmidlkofer wrote:
> You have to change some security settings in Windows 2003, by default it
> requires packet signatures, etc.  Other people here are more qualified
> than me.  However, here are the changes that I made:
> In AD: [Default Domain Controller Policy, and possible the local policy
> on the domain controllers]
>   Disable:  Digitally Sign Communication (always)
>   Disable:  Digitally Encrypt Secure Channel Data (always)
>   Disable:  Require Windows 2000 (or greater) strong key

No, you don't have to do this for Samba3 - we support signing out of
the box (modulo a couple of minor bugs which Stefan and I have just
fixed in CVS :-).


More information about the samba mailing list