[Samba] How to disable NTLM authentication on Samba
Rowland Penny
rpenny at samba.org
Wed Oct 10 20:19:48 UTC 2018
On Wed, 10 Oct 2018 16:07:24 -0400
Gaiseric Vandal via samba <samba at lists.samba.org> wrote:
> How would samba forward any requests on to any other service ?
> You can have sssd setup on a server if you also need to support
> things like ssh, sftp, and nfs but that is separate from samba's
> "Windows" services.
>
> Or do you mean it forwards NTLM requests to a different server ?
>
>
> Disabling NTLM altogether would be a useful feature if you are trying
> to minimize the attack surface.
>
smbd used to be able to do authentication, it now passes this to
winbind.
You should not run winbind with sssd because it has its own winbind
lib. So, if you are using sssd, you are not using winbind, so how can
it pass anything to sssd ?
I do not understand why people run sssd with Samba, there is very
little that sssd can do, that winbind cannot.
As I said, if you run sssd and are having problems, ask the sssd-users
mailing list first.
Rowland
More information about the samba
mailing list