[Samba] Samba send SPNEGO if Extended Security is ON

Jewelyn Catingub jeweldaj at yahoo.com
Tue Apr 22 12:02:03 GMT 2008

Thanks for your reply.

But in Windows, we encountered Raw NTLMSSP (not wrapped by spnego)
even if Extended Security bit is ON when there is no KDC in the workgroup. 
(Well, we are not sure if that was really the reason)
Why is that so?

----- Original Message ----
From: Gerald (Jerry) Carter <jerry at samba.org>
To: Jewelyn Catingub <jeweldaj at yahoo.com>
Cc: samba at lists.samba.org
Sent: Monday, April 21, 2008 10:18:19 PM
Subject: Re: [Samba] Samba send SPNEGO if Extended Security is ON

Hash: SHA1

Jewelyn Catingub wrote:
> I've checked the samba code (sessetup) and found out that samba 
> always send spnego packet when Extended Security capability is ON.
> (This can't be turned off/on ie. "use spnego = false")
> Does it mean I can "never" connect to smb server that doesn't 
> support spnego if Extended Security is supported by server?
> Is my understanding correct?

The extended security bit == spnego support.  See section 4.1.1
in the SNIA CIFS tech reference.

cheers, jerry
- --
Samba                                    ------- http://www.samba.org
Likewise Software          ---------  http://www.likewisesoftware.com
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

More information about the samba mailing list