[Samba] Attaching a VOIP appliance

Stefan G. Weichinger lists at xunil.at
Thu Nov 17 11:39:16 UTC 2022

A customer where I run a samba-AD-domain gets a new VOIP PBX thingie ...

so I am writing port forwardings, firewall rules and what not to allow 
that beast access to this and that.

One feature is some kind of "Netlogon": the software on the PCs should 
be able to access AD-users for its authentication.


I created a computer account ... on the shell, because the DC (samba) 
doesn't run PowerShell ...

The PBX gets a connection somehow, but the users fail.

Look at the wiki:

"Currently NTLMv1 is used"


I added this for a short test:

lm announce = no
lanman auth = no
ntlm auth = yes
client lanman auth = no
client ntlmv2 auth = yes

Took that out of a thread here in 2017:


For sure that isn't safe, and I don't like allowing unsafe stuff.


More information about the samba mailing list