Jeremy Allison <jra@samba.org>
Sent by: samba-bounces+webster=lexmark.com@lists.samba.org
03/22/05 12:11 PM
Please respond to Jeremy Allison
To: "Gerald (Jerry) Carter" <jerry@samba.org>
cc: samba@lists.samba.org, Anthony Linux
<anthony.linux@gmail.com>
Subject: Re: [Samba] Strong Session Key and XP
On Tue, Mar 22, 2005 at 05:10:18AM -0600, Gerald (Jerry) Carter
wrote:> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Anthony Linux wrote:
>
> ...
> | I did a diff of the default Win XP security settings
> | and what was applied by the template. Found the
> | culprit: Domain Member -- Require Strong
> | (Windows 2000 or later) Session Key: Enabled.
> |
> | Once I disabled that, it worked fine. Users
> | could login now, no problems.
> |
> | So, I wanted to share that tidbit, in case anyone
> | else is having this problem.
> |
> | Also, I was wondering if Samba can satisfy this
> | security setting? That is, keep the Strong Session
> | Key enabled on the XP workstation and configure the
> | server to comply? I'm worried that my security people
> | won't like me deviating from their default template
> | -- but if it's the only way to make it work, then so be
> | it.
>
> This is the 128-bit session key right ? Andrew Bartlett
> was working on that but has since jumped ship to work on
> Samba 4. So right now, no one is looking at this for
> Samba 3. But things can change.
It's on my list of things to do after the EA support for
OS/2 and the per-file-change-notify patch. So many things,
so little time.... I'll be bugging Mr. Bartlett about it
too :-).
Jeremy.
----------------
So, you're saying that OS/2 EA support is not currently in Samba3 ?
