[Samba] ntlm_auth and SMBv2/v3
lkelmeni at mairie-saint-ouen.fr
Tue Oct 17 12:52:51 UTC 2017
Do you plan to release the patch for "ntlm auth =
mschapv2-only" option soon ?
We need this on order to use freeradius in
a "more safe" scenario than with "ntlm auth = yes"
Direction des Systèmes d'Information
Le 08/06/2017 21:36, Andrew Bartlett via samba a écrit :
On Thu, 2017-06-08 at 15:30 +0200, L.P.H. van Belle via samba wrote:
>> hai, Please keep it mailing to the list, this way is shows up of
others also. A workaround for disabling SMBv1, you can make your server
less secure but thats not what i would do. Setting these to enable NTLM
v1 again. lanman auth = yes
> NEVER set this.
>> ntlm auth = yes
> This enables NTLMv1. To be clear, this isn't related to SMBv1. This
is the only change required to re-enable MSCHAPv2. I plan to create a
ntlm auth = mschapv2-only option (indeed I have been given such a
patch) but I need to finish the test.
> raw NTLMv2 aut
>> n networks.
> cause Samba folklore grows so quickly, and folks rapidly
paste in whatever setting they find, even if they reduce security
dramatically. Thanks, Andrew Bartlett -- Andrew Bartlett
http://samba.org/~abartlet/  Authentication Developer, Samba Team
http://samba.org  Samba Developer, Catalyst IT
More information about the samba