Web lists-archives.com

Re: [Samba] freeradius + NTLM + samba AD 4.5.x




On Mon, 26 Mar 2018 14:06:24 +0200
"Dr. Peer-Joachim Koch via samba" <samba@xxxxxxxxxxxxxxx> wrote:

> Hi,
> 
> we have updated our samba AD domain from 4.4.x to 4.5.x.
> 
> The release notes for 4.5.0 included  "NTLMv1 authentication disabled
> by default".
> 
> So we had to enable it to get our radius (freeradius) server working 
> (for 802.1x).
> 

You would probably be better off asking freeradius.

> What would be the best way to change the freeradius configuration in 
> such a way,
> 
> that we can disable NTLMv1 again.
> 
> The radius server is used for WLAN (802.1x) and for VPN.
> 
> How insecure is NTLMv1 ?
> 

Have you ever heard of 'wannacry' ? or to put it another way 'VERY
insecure'

Rowland
 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba