[Samba] freeradius + NTLM + samba AD 4.5.x
Rowland Penny
rpenny at samba.org
Mon Mar 26 12:37:23 UTC 2018
On Mon, 26 Mar 2018 14:06:24 +0200
"Dr. Peer-Joachim Koch via samba" <samba at lists.samba.org> wrote:
> Hi,
>
> we have updated our samba AD domain from 4.4.x to 4.5.x.
>
> The release notes for 4.5.0 included "NTLMv1 authentication disabled
> by default".
>
> So we had to enable it to get our radius (freeradius) server working
> (for 802.1x).
>
You would probably be better off asking freeradius.
> What would be the best way to change the freeradius configuration in
> such a way,
>
> that we can disable NTLMv1 again.
>
> The radius server is used for WLAN (802.1x) and for VPN.
>
> How insecure is NTLMv1 ?
>
Have you ever heard of 'wannacry' ? or to put it another way 'VERY
insecure'
Rowland
More information about the samba
mailing list