Rowland Penny
2023-Mar-10 14:45 UTC
[Samba] AD Functional Level vs very old SaMBa member server
On 10/03/2023 14:18, Tam?s N?meth via samba wrote:> Okay then, this sounds very bad :-( One more thing: There is a system using > PAM SMB (https://www.samba.org/~airlied/) with lanman1 protocol on port > 139. After upgrading our domain level, will we be able to keep some MEMBER > servers, to which this PAM SMB remains to be able to authenticate via > TCP/139 and some kind of NTLM (let's say NTLMv1) authentication, or even > member servers will only authenticate via kerberos? >I have never used that module (to be honest, I had never heard of it), but a quick google shows that it seems to be no longer maintained, the last update appears to have been in 2005. Why do feel that you need it ? Perhaps if you explained your network as it is now and also (as I already asked you) post your existing smb.conf file(s) Rowland
Tamás Németh
2023-Mar-10 15:20 UTC
[Samba] AD Functional Level vs very old SaMBa member server
Well, thank you for still replying to me. The thing is that this particular SaMBa server is THE original Linux server of my working place, hosting tons of home made ancient perl and PHP programs written by former colleagues, and these programs interact with the dozens of SaMBa shares. This is why we never had the time to fully analyze its structure and upgrade it somehow while working on other projects. That PAM SMB module is used by the web server of the mentioned perl and PHP programs. Now we'd like to raise the functional level of our Windows domain, and we're afraid, we will have to completely analyze and replace this ancient server. The smb.conf is basically like the following: [global] netbios name = samba1 workgroup = AD interfaces = 192.168.0.8/24 bind interfaces only = yes security = domain username level = 0 password server = 192.168.0.8 encrypt passwords = yes name resolve order = wins bcast browsable = yes strict allocate = yes unix extensions = no dos charset = 852 unix charset = ISO8859-2 display charset = ISO8859-2 case sensitive = no default case = lower preserve case = yes short preserve case = yes Rowland Penny via samba <samba at lists.samba.org> ezt ?rta (id?pont: 2023. m?rc. 10., P, 15:46):> > > On 10/03/2023 14:18, Tam?s N?meth via samba wrote: > > Okay then, this sounds very bad :-( One more thing: There is a system > using > > PAM SMB (https://www.samba.org/~airlied/) with lanman1 protocol on port > > 139. After upgrading our domain level, will we be able to keep some > MEMBER > > servers, to which this PAM SMB remains to be able to authenticate via > > TCP/139 and some kind of NTLM (let's say NTLMv1) authentication, or even > > member servers will only authenticate via kerberos? > > > > I have never used that module (to be honest, I had never heard of it), > but a quick google shows that it seems to be no longer maintained, the > last update appears to have been in 2005. > > Why do feel that you need it ? > Perhaps if you explained your network as it is now and also (as I > already asked you) post your existing smb.conf file(s) > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Reasonably Related Threads
- AD Functional Level vs very old SaMBa member server
- AD Functional Level vs very old SaMBa member server
- AD Functional Level vs very old SaMBa member server
- AD Functional Level vs very old SaMBa member server
- AD Functional Level vs very old SaMBa member server