[Samba] Domain DFS on new share

Jonathan Hunter jmhunter1 at gmail.com
Fri Apr 21 10:39:44 UTC 2017

Thanks Louis, some good info there!

On 21 April 2017 at 10:58, L.P.H. van Belle via samba
<samba at lists.samba.org> wrote:
> Did you configure mutual authentication and integrity for the new share?
> [..]
> Good info here :
> https://blogs.technet.microsoft.com/askpfeplat/2015/02/22/guidance-on-deployment-of-ms15-011-and-ms15-014/

This led me to
which, on my Windows 7 VM, was completely empty.
Adding "\\*\dfs" and "\\*\notdfs" keys as string values, with
"RequireMutualAuthentication=0" as data, hasn't helped, unfortunately.
I also tried \\mydomain\dfs, and restarted the Windows machine each
time - no change.

I would have thought that if there are no registry values in the
HardenedPaths section, then this hasn't been configured.. not sure
though. One of the comments here indicates that this is off by default
on Windows 7, anyway:

Have you had to configure these explicitly on Windows 7 machines? Mine
are all effectively on 'defaults' as far as this is concerned.


"If we knew what it was we were doing, it would not be called
research, would it?"
      - Albert Einstein

More information about the samba mailing list