Web lists-archives.com

Re: [Samba] How to disable NTLM authentication on Samba




On Wed, 10 Oct 2018 16:07:24 -0400
Gaiseric Vandal via samba <samba@xxxxxxxxxxxxxxx> wrote:

> How would samba forward any requests on to any other service ?
> You can have sssd setup on a server if you also need to support
> things like ssh, sftp, and nfs but that is separate from samba's
> "Windows" services.
> 
> Or do you mean it forwards NTLM requests to a different server ?
> 
> 
> Disabling NTLM altogether would be a useful feature if you are trying
> to minimize the attack surface.
> 

smbd used to be able to do authentication, it now passes this to
winbind.

You should not run winbind with sssd because it has its own winbind
lib. So, if you are using sssd, you are not using winbind, so how can
it pass anything to sssd ?

I do not understand why people run sssd with Samba, there is very
little that sssd can do, that winbind cannot.

As I said, if you run sssd and are having problems, ask the sssd-users
mailing list first.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba