Samba send SPNEGO if Extended Security is ON
in [Samba]
|
From: Gerald (Jerry) Carter on 21 Apr 2008 10:20 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jewelyn Catingub wrote: > I've checked the samba code (sessetup) and found out that samba > always send spnego packet when Extended Security capability is ON. > (This can't be turned off/on ie. "use spnego = false") > > Does it mean I can "never" connect to smb server that doesn't > support spnego if Extended Security is supported by server? > Is my understanding correct? The extended security bit == spnego support. See section 4.1.1 in the SNIA CIFS tech reference. cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDKIrIR7qMdg1EfYRAsTNAKCT1HGkR463ksmWGmvRYE31AJq0KgCfapcM GbAuxzGltsPLa5qIOhdiwqc= =0lTR -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
From: Jewelyn Catingub on 22 Apr 2008 08:10 Thanks for your reply. But in Windows, we encountered Raw NTLMSSP (not wrapped by spnego) even if Extended Security bit is ON when there is no KDC in the workgroup. (Well, we are not sure if that was really the reason) Why is that so? ----- Original Message ---- From: Gerald (Jerry) Carter <jerry(a)samba.org> To: Jewelyn Catingub <jeweldaj(a)yahoo.com> Cc: samba(a)lists.samba.org Sent: Monday, April 21, 2008 10:18:19 PM Subject: Re: [Samba] Samba send SPNEGO if Extended Security is ON -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jewelyn Catingub wrote: > I've checked the samba code (sessetup) and found out that samba > always send spnego packet when Extended Security capability is ON. > (This can't be turned off/on ie. "use spnego = false") > > Does it mean I can "never" connect to smb server that doesn't > support spnego if Extended Security is supported by server? > Is my understanding correct? The extended security bit == spnego support. See section 4.1.1 in the SNIA CIFS tech reference. cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDKIrIR7qMdg1EfYRAsTNAKCT1HGkR463ksmWGmvRYE31AJq0KgCfapcM GbAuxzGltsPLa5qIOhdiwqc= =0lTR -----END PGP SIGNATURE----- ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
From: Gerald (Jerry) Carter on 22 Apr 2008 08:50 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jewelyn Catingub wrote: > Thanks for your reply. > > But in Windows, we encountered Raw NTLMSSP (not wrapped by spnego) > even if Extended Security bit is ON when there is no KDC in the workgroup. > (Well, we are not sure if that was really the reason) > Why is that so? Hmm...What clients ? cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDdy3IR7qMdg1EfYRAnErAKDf1MQHPNcq7Mtt8TKc22DKY5EcjwCg0Ue9 Ta/07h63sBNVc2Vs1pubMFA= =8Bw6 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
From: Jewelyn Catingub on 22 Apr 2008 09:10 ----- Original Message ---- From: Gerald (Jerry) Carter <jerry(a)samba.org> To: Jewelyn Catingub <jeweldaj(a)yahoo.com> Cc: samba(a)lists.samba.org Sent: Tuesday, April 22, 2008 8:40:23 PM Subject: Re: [Samba] Samba send SPNEGO if Extended Security is ON -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jewelyn Catingub wrote: > Thanks for your reply. > > But in Windows, we encountered Raw NTLMSSP (not wrapped by spnego) > even if Extended Security bit is ON when there is no KDC in the workgroup. > (Well, we are not sure if that was really the reason) > Why is that so? Hmm...What clients ? Windows clients cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDdy3IR7qMdg1EfYRAnErAKDf1MQHPNcq7Mtt8TKc22DKY5EcjwCg0Ue9 Ta/07h63sBNVc2Vs1pubMFA= =8Bw6 -----END PGP SIGNATURE----- ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
From: Gerald (Jerry) Carter on 22 Apr 2008 11:00 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jewelyn Catingub wrote: > > ----- Original Message ---- > From: Gerald (Jerry) Carter <jerry(a)samba.org> > To: Jewelyn Catingub <jeweldaj(a)yahoo.com> > Cc: samba(a)lists.samba.org > Sent: Tuesday, April 22, 2008 8:40:23 PM > Subject: Re: [Samba] Samba send SPNEGO if Extended Security is ON > > Jewelyn Catingub wrote: >> Thanks for your reply. > >> But in Windows, we encountered Raw NTLMSSP (not wrapped by spnego) >> even if Extended Security bit is ON when there is no KDC in the > workgroup. >> (Well, we are not sure if that was really the reason) >> Why is that so? > > Hmm...What clients ? > > Windows clients yes. I figured that. But what versions and service packs? cheers, jerry - -- ===================================================================== Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIDfvgIR7qMdg1EfYRAinKAJ4/7g8moK3Kq98kgK5ykcy/seJOfwCfXisi OU47EbjF9zbpRiqiJudLaH4= =4Vjh -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
Next
|
Last
Pages: 1 2 Prev: [Samba] Samba send SPNEGO if Extended Security is ON Next: [Samba] samba pdc and xp host |