samba-mirror/clientusespnego.xml at d216db5cd5411d1a4a62ce0b7f43b685f9cd107f

mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

Stefan Metzmacher 6cd48add11 CVE-2016-2111: docs-xml: document the new "client NTLMv2 auth" and "client use spnego" interaction

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

2016-04-12 19:25:24 +02:00

20 lines

850 B

XML

Raw Blame History

 <samba:parameter name="client use spnego"
                  context="G"
                  type="boolean"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
     <para> This variable controls whether Samba clients will try
     to use Simple and Protected NEGOciation (as specified by rfc2478) with
     supporting servers (including WindowsXP, Windows2000 and Samba
 .0) to agree upon an authentication
     mechanism.  This enables Kerberos authentication in particular.</para>
     <para>When <smbconfoption name="client NTLMv2 auth"/> is also set to
     <constant>yes</constant> extended security (SPNEGO) is required
     in order to use NTLMv2 only within NTLMSSP. This behavior was
     introduced with the patches for CVE-2016-2111.</para>
 </description>
 <value type="default">yes</value>
 </samba:parameter>

20 lines 850 B XML Raw Blame History

20 lines

850 B

XML

Raw Blame History