[Samba] Effect of disabling LM/NTLMv1 auth on an AD?

Don Meyer dlmeyer at uiuc.edu
Tue Feb 21 16:14:54 GMT 2006


Folks,

Our campus AD team has decided that they ...

>Need to disable LM/NTLMv1 authentication support to provide greater 
>security and be consistent with the CITES authentication roadmap.

Noble thoughts, but there hasn't been much thought of the 
ramifications for other, interoperable systems like Samba.

I can see that modern Samba versions support NTLMv1 and NTLMv2 
methods.  Theoretically, that should leave support for NTLMv2, and 
all should work.     Practically, however, there is the question of 
"what really happens with Samba member servers when one disables 
LM/NTLMv1 on the domain controllers?"    Can anyone speak to this?

Thanks much,
-Don




Don Meyer                                           <dlmeyer at uiuc.edu>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services

   "They that can give up essential liberty to obtain a little 
temporary safety,
         deserve neither liberty or safety."     -- Benjamin Franklin, 1759 



More information about the samba mailing list