[Samba] NTLM auth, better on a DC or on a DM?
Rowland Penny
rpenny at samba.org
Mon Sep 10 14:53:56 UTC 2018
On Mon, 10 Sep 2018 10:05:32 -0400
Gaiseric Vandal via samba <samba at lists.samba.org> wrote:
> Would squid and freeradius support LDAP authentication with AD ? I
> don't know if you are using NTLM or NTLMv2.
>
Yes, they both support ldap authentication, this is why, even though by
default NTLMv1 is now turned off, there is an option to turn it on for
this very reason: mschapv2-and-ntlmv2-only
Reading the man page has this:
mschapv2-and-ntlmv2-only - Only allow NTLMv1 when the client promises
that it is providing MSCHAPv2 authentication (such as the ntlm_auth
tool).
Rowland
More information about the samba
mailing list