smbsrv should use SPNEGO (outbound authentication)
When smbsrv connects to AD servers for authentication work, it uses old security protocols. This can cause some AD servers to refuse connections from this server.
(See: http://support.microsoft.com/kb/942564 )
The authentication support in libsmbfs already supports SPNEGO (a.k.a. "extended security") so this feature will replace the smbsrv "smbrdr" library with a thin "shim" on libsmbfs.
Note: the inbound side of this problem is issue 1122
Updated by Gordon Ross almost 11 years ago
- Status changed from In Progress to Resolved
changeset: 13396:c1f01cd09a07 tag: tip user: Gordon Ross <email@example.com> date: Thu Jul 07 13:45:10 2011 -0400 description: 1121 smbsrv should use SPNEGO (outbound authentication) Reviewed by: Albert Lee <firstname.lastname@example.org> Reviewed by: Garrett D'Amore <email@example.com> Reviewed by: Robert Gordon <firstname.lastname@example.org> Approved by: Garrett D'Amore <email@example.com>