[Samba] Digitially Signed Communications [SOLVED]

support at remsnet.de support at remsnet.de
Tue Jun 25 05:51:14 MDT 2013 

Hello Shaun,

You are wellcome.

Software been evolving over the Years , i.e Samba its self has an different Support lines then RHEL Has.
i.e RHEL evolved allready to PROD version 6.4 :-) .

Most of the Distrubions today add 2 or more samba releases - i.e with or without AD



--
Mit freundlichen Grüßen / Best Regards

Horst Venzke ; PGP NET : 1024G/082F2E6D ;  http://www.remsnet.de

Legal Notice: This transmittal and/or attachments may be privileged or confidential. It is intended solely for the addressee named above. Any review, dissemination, or copying is strictly prohibited. If you received this transmittal in error, please notify us immediately by reply and immediately delete this message and all its attachments. Thank you.


> Gesendet: Dienstag, 25. Juni 2013 um 13:27 Uhr
> Von: "Shaun Glass - Business Connexion" <Shaun.Glass at bcx.co.za>
> An: "Horst Venzke-Fa Remsnet Ltd" <support at remsnet.de>
> Cc: "samba at lists.samba.or" <samba at lists.samba.or>
> Betreff: RE: [Samba] Digitially Signed Communications [SOLVED]
>
> Dear Horst,
>
> I have done as requested and can now see the shares ... thanks. Unfortunately somebody else had done the installs so I was unaware of the availability of two separate versions for RHEL 5.x.
>
> Regards
>
> ________________________________________
> From: Horst Venzke-Fa Remsnet Ltd [support at remsnet.de]
> Sent: Tuesday, June 25, 2013 12:35 PM
> To: Shaun Glass - Business Connexion
> Cc: samba at lists.samba.or
> Subject: Aw: [Samba] Digitially Signed Communications
>
> Hello Shaun,
>
>
> The samba 3.0.x release are allmost unsupported since it EOL at 2009.
>
>
> Withing RHEL 5.9 the 3.6.x releases are provided, please update and try again.
>
>
>
> --
> Mit freundlichen Grüßen / Best Regards
>
> Horst Venzke ; PGP NET : 1024G/082F2E6D ;  http://www.remsnet.de
>
> Legal Notice: This transmittal and/or attachments may be privileged or confidential. It is intended solely for the addressee named above. Any review, dissemination, or copying is strictly prohibited. If you received this transmittal in error, please notify us immediately by reply and immediately delete this message and all its attachments. Thank you.
>
>
> > Gesendet: Dienstag, 25. Juni 2013 um 12:05 Uhr
> > Von: "Shaun Glass - Business Connexion" <Shaun.Glass at bcx.co.za>
> > An: "samba at lists.samba.org" <samba at lists.samba.org>
> > Betreff: [Samba] Digitially Signed Communications
> >
> > Dear All,
> >
> > The below are snippets of the policies that are causing connection issues for me from Windows 7 workstations, connected to a Domain, to Samba Shares :
> >
> > Microsoft network client: Digitally sign communications (always)    Enabled
> > Microsoft network client: Digitally sign communications (if server agrees)    Enabled
> >
> > Microsoft network server: Digitally sign communications (always)    Disabled
> > Microsoft network server: Digitally sign communications (if client agrees)    Enabled
> >
> > Now the above cannot be altered due to security audit requirements.
> >
> > From trouble shooting it seems the following may also be relevant, but as before more than likely cannot be changed :
> >
> > Network security: LAN Manager authentication level    Send NTLMv2 response only
> >
> > Network security: Minimum session security for NTLM SSP based (including secure RPC) clients    Require NTLMv2 session security,Require 128-bit encryption
> > Network security: Minimum session security for NTLM SSP based (including secure RPC) servers    Require NTLMv2 session security,Require 128-bit encryption
> >
> > The Samba configuration is as follows :
> >
> > [global]
> >         netbios name = SRV002769
> >         socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
> >         idmap uid = 10000-50000
> >         winbind enum users = yes
> >         winbind gid = 10000-50000
> >         workgroup = MUD
> >         os level = 20
> >         winbind enum groups = yes
> >         socket address = 10.12.18.160
> >         password server = *
> >         preferred master = no
> >         winbind separator = +
> >         max log size = 50
> >         log file = /var/log/samba/log.%m
> >         dns proxy = no
> >         realm = MUD.INTERNAL.CO.ZA
> >         security = ADS
> >         wins server = 10.11.1.13
> >         wins proxy = no
> >         client use spnego = yes
> >         client ntlmv2 auth = yes
> >         encrypt passwords = yes
> >         server signing = yes
> >         client signing = yes
> >
> > Error messages when trying to connect :
> >
> > [2013/06/25 11:40:41, 0] lib/util_sock.c:read_data(540)
> >   read_data: read failure for 4 bytes to client 172.27.30.20. Error = Connection reset by peer
> >
> > The Samba servers have been added to the Domain via "net ads join" and here is some version info :
> >
> > Red Hat Enterprise Linux Server release 5.9 (Tikanga)
> >
> > samba-3.0.33-3.39.el5_8
> > samba-common-3.0.33-3.39.el5_8
> >
> > Anybody encountered a resolution to this issue ?
> >
> > Regards
> >
> >
> > Disclaimer
> >
> > The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful.
> >
> > This email has been scanned for viruses and malware, and automatically archived by Mimecast SA (Pty) Ltd, an innovator in Software as a Service (SaaS) for business.  Mimecast Unified Email Management (UEM) offers email continuity, security, archiving and compliance with all current legislation.  To find out more, visit http://www.mimecast.co.za/uem.
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba
> >
>
>
> Disclaimer
>
> The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful.
>
> This email has been scanned for viruses and malware, and automatically archived by Mimecast SA (Pty) Ltd, an innovator in Software as a Service (SaaS) for business.  Mimecast Unified Email Management (UEM) offers email continuity, security, archiving and compliance with all current legislation.  To find out more, visit http://www.mimecast.co.za/uem.

More information about the samba mailing list