On Sat, 2004-04-17 at 03:31, Adrian Newby wrote: > Hello experts, > > I�ll try and keep this brief but detailed (if that�s possible.). I�m sure I > don�t understand the technologies sufficiently but I believe I�m seeing > counter-intuitive behavior with my Samba 3 setup. What I want is nice, > tight Win 2K3 security. What I�ve got is ADS integration, including domain > user authentication using winbind, but I can�t get the security level right. > > Problem summary: > ---------------------- > Samba 3.0.2a on Solaris 9 is configured with ADS security. > Lanman and NTLM authentication is prohibited. > Clients requesting NTLMv2 authentication result in NT_STATUS_ACCESS_DENIED, > even though the log suggests authentication is successful. > Clients requesting NTLM authentication are accepted and authenticated. > Also, cannot establish initial SMB session when packet signing enforced. > (log not provided)
Try all this with a current subversion checkout, or 3.0.3rc1. The ACCESS_DENIED is because the tree connect appears not to have a valid vuid (the token returned by a session setup), which is most odd.. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
