[Samba] Kerberos and NTLMv2 authentication
Rowland penny
rpenny at samba.org
Sat Jun 15 08:59:40 UTC 2019
On 15/06/2019 01:40, eguigne--- via samba wrote:
> Dear Samba Users,
>
> I set a samba share (4.8.1) on a linux (centos 7) as server member ;
> authentication is done against a AD win 2012 R2 server through winbind.
>
> I thought authentication was using kerberos, but I checked log and found :
>
> Auth: [SMB2,(null)] user [MYDOMAIN]\[mydomainuser] at [mar., 11 juin 2019
> 10:21:42.000927 -03] with [NTLMv2] status [NT_STATUS_OK] workstation
> [CANONDCE0BD]
>
> Below, part of my smb.cnf :
>
> security = ads
>
> realm = MYDOMAIN
> workgroup = MYDOMAIN
Why is your workgroup and realm the same ?
>
> kerberos method = secrets and keytab
>
> server signing = mandatory
>
> client signing = mandatory
>
> How can I tell samba using kerberos instead of NTLMv2 ? Or is it in
> winbind configuration ?
Do you have libpam-krb5 installed ?
Rowland
More information about the samba
mailing list