Web lists-archives.com

Re: [Samba] NTLM auth, better on a DC or on a DM?




On Mon, 10 Sep 2018 10:05:32 -0400
Gaiseric Vandal via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Would squid and freeradius support LDAP authentication with AD ?   I 
> don't know if you are using NTLM or NTLMv2.
> 

Yes, they both support ldap authentication, this is why, even though by
default NTLMv1 is now turned off, there is an option to turn it on for
this very reason: mschapv2-and-ntlmv2-only

Reading the man page has this:

mschapv2-and-ntlmv2-only - Only allow NTLMv1 when the client promises
that it is providing MSCHAPv2 authentication (such as the ntlm_auth
tool).

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba