[Samba] Change of kerberos encryption from DES to AES
rob.townley at gmail.com
Fri Aug 27 15:34:55 MDT 2010
On Thu, Aug 26, 2010 at 10:41 AM, Masopust, Christian
<christian.masopust at siemens.com> wrote:
> Hello all,
> as our Windows DCs will switch off DES encryption in the near future I
> have to change our
> Samba-Server to AES encryption.
> If I understand it correctly I have to change kerberos-configuration to
> new encryption type
> (aes256-cts-hmac-sha1-96) and then re-join my Samba-Server to the
> Is this correct? Any other things to consider?
> Thanks a lot,
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
i don't know how helpful this will be, but i will need to do the same.
i believe the samba server should generate the supported encryption
types from AD.
Not sure you have to manually change it, but the following blog posts
i have found helpful.
This is one 2006 howto video on migrating from DES to RC4.
More information about the samba