[Samba] Remove LanMan auth from the AD DC and possibly file server?
Rowland Penny
rpenny at samba.org
Tue Feb 8 20:48:52 UTC 2022
On Tue, 2022-02-08 at 14:35 -0600, Patrick Goetz via samba wrote:
>
> On 2/7/22 23:13, Jeremy Allison via samba wrote:
> > On Tue, Feb 08, 2022 at 06:04:01PM +1300, Andrew Bartlett via samba
> > wrote:
> > > On Mon, 2022-02-07 at 18:38 +0100, Ralph Boehme via samba wrote:
> > > > On 1/26/22 04:50, Andrew Bartlett via samba wrote:
> > > > > What do folks think?
> > > >
> > > > I would vote for removing it and if people still require it to
> > > > work
> > > > with
> > > > old shit they can just continue using the latest Samba version
> > > > that
> > > > supports it.
> > >
> > > Thanks!
> >
> > Yes, to be honest I'm more leaning on supporting Ralph
> > now than trying to split hairs :-).
> >
> > If people want LANMAN auth they can just keep running
> > the last version that supports it. It's not like they're
> > worried about security anyway :-) :-).
> >
>
> Or more likely they're running it in a completely isolated (or DMZ
> gatewayed) environment with equipment that can't be upgraded (e.g.
> instrumentation control PC's running old versions of Windows which
> can't
> be upgraded). That's what we do; there's no good alternative unless
> your user has, for example, a million dollars to shell out for a new
> machine with new PCs, and even then. We just got a new 1.5 million
> dollar microscope and the control PC is running Windows 2012. \o/
If you are paying 1.5 million dollars for something that contains a PC,
then it should have been part of the contract that the OS was the
latest version.
Rowland
More information about the samba
mailing list