Auth question.
Andrew Bartlett
abartlet at samba.org
Wed Jan 22 14:31:38 GMT 2003
On Wed, Jan 22, 2003 at 12:41:34AM -0600, Christopher R. Hertel wrote:
> On Wed, Jan 22, 2003 at 05:30:45AM +0000, Andrew Bartlett wrote:
> > On Tue, Jan 21, 2003 at 09:13:38PM -0600, Christopher R. Hertel wrote:
> > > I *think* it's a rule that Kerberos authentication is always used with
> > > SMB over TCP (port 445) and that Kerberos is *not* used with SMB over NBT
> > > (port 139).
> > >
> > > Am I wrong?
> >
> > I think you are wrong. As far as I know there is no per-port stuff.
>
> Quite possibly. That's why I asked. :)
>
> ...but which clients would actually do this, and under what conditions?
>
> Of the Windows clients and servers, only W2K and XP-pro know how to work
> with Kerberos (does /Me handled Kerberos auth?). I *imagine* that those
> systems use port 445 instead of 139 whenever they can. If both client and
> server know how to handle Kerberos then they likely also know how to use
> port 445.
>
> So, unless I'm totally insane, the likelihood of Kerberos auth being used
> over port 139 is low.
Samba 3.0 listening on 139 only. This can and does happen. Firewall rules,
or anything else that makes the 445 connect fail. I would not attempt to
draw this genralisation in a published work ;-)
Andrew Bartlett
More information about the samba-technical
mailing list