[Samba] Kerberos and NTLMv2 authentication
rpenny at samba.org
Sat Jun 15 08:59:40 UTC 2019
On 15/06/2019 01:40, eguigne--- via samba wrote:
> Dear Samba Users,
> I set a samba share (4.8.1) on a linux (centos 7) as server member ;
> authentication is done against a AD win 2012 R2 server through winbind.
> I thought authentication was using kerberos, but I checked log and found :
> Auth: [SMB2,(null)] user [MYDOMAIN]\[mydomainuser] at [mar., 11 juin 2019
> 10:21:42.000927 -03] with [NTLMv2] status [NT_STATUS_OK] workstation
> Below, part of my smb.cnf :
> security = ads
> realm = MYDOMAIN
> workgroup = MYDOMAIN
Why is your workgroup and realm the same ?
> kerberos method = secrets and keytab
> server signing = mandatory
> client signing = mandatory
> How can I tell samba using kerberos instead of NTLMv2 ? Or is it in
> winbind configuration ?
Do you have libpam-krb5 installed ?
More information about the samba