[Samba] OS/2 EAs

webster at lexmark.com webster at lexmark.com
Tue Mar 22 18:15:03 GMT 2005

Jeremy Allison <jra at samba.org>
Sent by: samba-bounces+webster=lexmark.com at lists.samba.org
03/22/05 12:11 PM
Please respond to Jeremy Allison

        To:     "Gerald (Jerry) Carter" <jerry at samba.org>
        cc:     samba at lists.samba.org, Anthony Linux <anthony.linux at gmail.com>
        Subject:        Re: [Samba] Strong Session Key and XP
On Tue, Mar 22, 2005 at 05:10:18AM -0600, Gerald (Jerry) Carter wrote:
> Hash: SHA1
> Anthony Linux wrote:
> ...
> | I did a diff of the default Win XP security settings
> | and what was applied by the template.  Found the
> | culprit:  Domain Member -- Require Strong
> | (Windows 2000 or later) Session Key: Enabled.
> |
> | Once I disabled that, it worked fine.  Users
> | could login now, no problems.
> |
> | So, I wanted to share that tidbit, in case anyone
> | else is having this problem.
> |
> | Also, I was wondering if Samba can satisfy this
> | security setting?  That is, keep the Strong Session
> | Key enabled on the XP workstation and configure the
> | server to comply?  I'm worried that my security people
> | won't like me deviating from their default template
> | -- but if it's the only way to make it work, then so be
> | it.
> This is the 128-bit session key right ?  Andrew Bartlett
> was working on that but has since jumped ship to work on
> Samba 4.  So right now, no one is looking at this for
> Samba 3.  But things can change.

It's on my list of things to do after the EA support for
OS/2 and the per-file-change-notify patch. So many things,
so little time.... I'll be bugging Mr. Bartlett about it
too :-).



So, you're saying that OS/2 EA support is not currently in Samba3 ?

More information about the samba mailing list