|
Last change
on this file was 988, checked in by Silvan Scherrer, 9 years ago |
|
Samba Server: update vendor to version 4.4.3
|
|
File size:
888 bytes
|
| Line | |
|---|
| 1 | <samba:parameter name="reject md5 servers"
|
|---|
| 2 | context="G"
|
|---|
| 3 | type="boolean"
|
|---|
| 4 | xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|---|
| 5 | <description>
|
|---|
| 6 | <para>This option controls whether winbindd requires support
|
|---|
| 7 | for aes support for the netlogon secure channel.</para>
|
|---|
| 8 |
|
|---|
| 9 | <para>The following flags will be required NETLOGON_NEG_ARCFOUR,
|
|---|
| 10 | NETLOGON_NEG_SUPPORTS_AES, NETLOGON_NEG_PASSWORD_SET2 and NETLOGON_NEG_AUTHENTICATED_RPC.</para>
|
|---|
| 11 |
|
|---|
| 12 | <para>You can set this to yes if all domain controllers support aes.
|
|---|
| 13 | This will prevent downgrade attacks.</para>
|
|---|
| 14 |
|
|---|
| 15 | <para>The behavior can be controlled per netbios domain
|
|---|
| 16 | by using 'reject md5 servers:NETBIOSDOMAIN = yes' as option.</para>
|
|---|
| 17 |
|
|---|
| 18 | <para>This option takes precedence to the <smbconfoption name="require strong key"/> option.</para>
|
|---|
| 19 | </description>
|
|---|
| 20 |
|
|---|
| 21 | <value type="default">no</value>
|
|---|
| 22 | </samba:parameter>
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
