|
Last change
on this file was 988, checked in by Silvan Scherrer, 9 years ago |
|
Samba Server: update vendor to version 4.4.3
|
|
File size:
1.1 KB
|
| Line | |
|---|
| 1 | <samba:parameter name="allow dcerpc auth level connect"
|
|---|
| 2 | context="G"
|
|---|
| 3 | type="boolean"
|
|---|
| 4 | xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|---|
| 5 | <description>
|
|---|
| 6 | <para>This option controls whether DCERPC services are allowed to
|
|---|
| 7 | be used with DCERPC_AUTH_LEVEL_CONNECT, which provides authentication,
|
|---|
| 8 | but no per message integrity nor privacy protection.</para>
|
|---|
| 9 |
|
|---|
| 10 | <para>Some interfaces like samr, lsarpc and netlogon have a hard-coded default of
|
|---|
| 11 | <constant>no</constant> and epmapper, mgmt and rpcecho have a hard-coded default of
|
|---|
| 12 | <constant>yes</constant>.
|
|---|
| 13 | </para>
|
|---|
| 14 |
|
|---|
| 15 | <para>The behavior can be overwritten per interface name (e.g. lsarpc, netlogon, samr, srvsvc,
|
|---|
| 16 | winreg, wkssvc ...) by using 'allow dcerpc auth level connect:interface = yes' as option.</para>
|
|---|
| 17 |
|
|---|
| 18 | <para>This option yields precedence to the implementation specific restrictions.
|
|---|
| 19 | E.g. the drsuapi and backupkey protocols require DCERPC_AUTH_LEVEL_PRIVACY.
|
|---|
| 20 | The dnsserver protocol requires DCERPC_AUTH_LEVEL_INTEGRITY.
|
|---|
| 21 | </para>
|
|---|
| 22 | </description>
|
|---|
| 23 |
|
|---|
| 24 | <value type="default">no</value>
|
|---|
| 25 | <value type="example">yes</value>
|
|---|
| 26 |
|
|---|
| 27 | </samba:parameter>
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
