When setting up a samba 4 server acting as Active Directory, it is
possible to enable encryption with "smb encrypt = mandatory" entry in
configuration file for global section.
With this configuration, Windows machines (8 and 10) are able to
communicate (with encryption) with AD server.

But for linux stations, only smbclient works (using smbclient -e -m SMB3
\\\\<DNS AD>\\<SHARE>).

With cifs-utils (v. ), I get a "mount error(3): Permission denied" on
command line, and a "STATUS_ACCESS_DENIED" on logs.
I use following command : mount -t cifs //<DNS AD>//<SHARE> /mnt -o

As manpage (man 8 mount.cifs) contains this note for "vers" option:
"Note too that while this option governs the protocol version used, not
all features of each version are available."
and sec option seems to only protect password when authenticating

Do you have any information on when encryption feature could be
implemented ?


Benoît Jager

To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to