[Samba] Attaching a VOIP appliance
Stefan G. Weichinger
lists at xunil.at
Thu Nov 17 11:39:16 UTC 2022
A customer where I run a samba-AD-domain gets a new VOIP PBX thingie ...
so I am writing port forwardings, firewall rules and what not to allow
that beast access to this and that.
One feature is some kind of "Netlogon": the software on the PCs should
be able to access AD-users for its authentication.
http://wiki.innovaphone.com/index.php?title=Reference13r1:Concept_Netlogon_Windows_Authentication
I created a computer account ... on the shell, because the DC (samba)
doesn't run PowerShell ...
The PBX gets a connection somehow, but the users fail.
Look at the wiki:
"Currently NTLMv1 is used"
:-(
I added this for a short test:
lm announce = no
lanman auth = no
ntlm auth = yes
client lanman auth = no
client ntlmv2 auth = yes
Took that out of a thread here in 2017:
https://lists.samba.org/archive/samba/2017-July/209983.html
For sure that isn't safe, and I don't like allowing unsafe stuff.
recommendations?
More information about the samba
mailing list