On Thu, Aug 26, 2010 at 10:41 AM, Masopust, Christian
christian.masop...@siemens.com wrote:
Hello all,
as our Windows DCs will switch off DES encryption in the near future I
have to change our
Samba-Server to AES encryption.
If I understand it correctly I have to change kerberos-configuration to
new encryption type
(aes256-cts-hmac-sha1-96) and then re-join my Samba-Server to the
domain.
Is this correct? Any other things to consider?
Thanks a lot,
Christian
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
i don't know how helpful this will be, but i will need to do the same.
i believe the samba server should generate the supported encryption
types from AD.
Not sure you have to manually change it, but the following blog posts
i have found helpful.
http://blogs.msdn.com/b/alextch/archive/tags/ad+interop/
This is one 2006 howto video on migrating from DES to RC4.
http://blogs.msdn.com/b/alextch/archive/2006/07/18/MITtoADRC4.aspx
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba