[Samba] Are the connections between Domain Controlers encrypted?

Andrew Bartlett abartlet at samba.org
Fri Jul 10 20:35:14 UTC 2015

On Wed, 2015-07-01 at 14:54 +0200, Daniel Carrasco MarĂ­n wrote:
> Hi,
> Just that is my question: Are the connection between DC encripted?.
> I'm planning to create a secondary DC on a external dedicated server and i
> want to know if the connections are secure, because is not a good idea to
> have authentication data traveling through internet without any kind of
> encription...
> My main DC have ldap through ssl activated and working fine, but i don't
> know if that cares or i've to change anything to allow to secondary DC to
> use secure connections too.
> Another question: I've to consider anything, for example connection speed?
> (besides the sysvol syncronization of course).

They should be done over a VPN, as while parts are encrypted, Samba
isn't recommended to be exposed to the public internet (just too many
protocols, too large an attack surface).


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list