Web lists-archives.com

Re: [Samba] ldap server require strong auth = no

On Wed, 2018-06-13 at 10:06 -0700, Gregory Sloop via samba wrote:
> I, perhaps amazingly, have FreeNAS working properly now.
> One of the issues was that I needed to set ldap server require strong auth = no
> on the Samba DC.
> So, what are the implications of doing that?
> Does authentication happen over LDAP, or just user/group enumeration?

Yes, LDAP is often used by clients for authentication (often via a
simple bind)

> Is there a wiki page that covers that somewhere?
> [And how does Windows not suffer from the same security issues, if it's obviously not using signed/sealed LDAP?]

In short, it does.

Andrew Bartlett
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba