On Wed, Jan 22, 2003 at 12:41:34AM -0600, Christopher R. Hertel wrote: > On Wed, Jan 22, 2003 at 05:30:45AM +0000, Andrew Bartlett wrote: > > On Tue, Jan 21, 2003 at 09:13:38PM -0600, Christopher R. Hertel wrote: > > > I *think* it's a rule that Kerberos authentication is always used with > > > SMB over TCP (port 445) and that Kerberos is *not* used with SMB over NBT > > > (port 139). > > > > > > Am I wrong? > > > > I think you are wrong. As far as I know there is no per-port stuff. > > Quite possibly. That's why I asked. :) > > ...but which clients would actually do this, and under what conditions? > > Of the Windows clients and servers, only W2K and XP-pro know how to work > with Kerberos (does /Me handled Kerberos auth?). I *imagine* that those > systems use port 445 instead of 139 whenever they can. If both client and > server know how to handle Kerberos then they likely also know how to use > port 445. > > So, unless I'm totally insane, the likelihood of Kerberos auth being used > over port 139 is low.
Samba 3.0 listening on 139 only. This can and does happen. Firewall rules, or anything else that makes the 445 connect fail. I would not attempt to draw this genralisation in a published work ;-) Andrew Bartlett
