On 6/12/23 9:22 AM, Rowland Penny via samba wrote:>
>
> On 12/06/2023 14:06, Robert Marcano wrote:
>> On 6/12/23 9:02 AM, Rowland Penny via samba wrote:
>>>
>>>
>>> On 12/06/2023 13:53, Robert Marcano via samba wrote:
>>>
>>>>
>>>> There exist a way to setup crypto policies with support for old
AD
>>>> crypto.
>>>>
>>>> RHEL 8 and derivative:
>>>> ?? update-crypto-policies --set DEFAULT:AD-SUPPORT
>>>>
>>>> RHEL 9 and derivative
>>>> ?? update-crypto-policies --set DEFAULT:AD-SUPPORT-LEGACY
>>>
>>> I thought there may be a way to use the old crypto, but:
>>> A) I was posting how I got it work, using the default Samba
krb5.conf
>>> file.
>>> B) Why would you want use old insecure crypto anyway ?
>>
>> I am not using it. I am trying to help about how to setup things
>> without removing configuration from cryptopolicies
>
> I understood that, but I was just replying about a post I made, where I
> stated that I did 'this' and it worked and you basically said
'no you
> should have done this' or that was the way I read it (rightly or
wrongly).
>
> email is a horrible way of communicating .
>
>>
>>>
>>>>
>>>> From: https://access.redhat.com/solutions/7004158
>>>>
>>>
>>> Not much point in posting a link that is behind a login wall.
>>
>> the two commands are on the public question, the pay walled answer is
>> about why the name change. It is still useful.
>
> To a certain extent, the commands, without the reason why they changed,
> will never be as useful as the commands with the reason why they changed.
for you, Let others decide what is useful for them or not. That is the
only reason I still post in this usually hostile mailing list.
>
> Rowland
>
>