Displaying 4 results from an estimated 4 matches for "hardening_samba_as_an_ad_dc".
2024 May 17
1
Setting up Samba as a Domain Member when AD DC is set to enforced LDAP Signing
...is enforced in the Active
> Directory DC?
>
> Thanks
> Andrea
I don't think there is anything you can set on a Samba Unix domain
member, it will have little or nothing to do with any arbitrary ldap
searches run on it.
You might like to read this:
https://wiki.samba.org/index.php/Hardening_Samba_as_an_AD_DC
Where it says this:
Microsoft has chosen a different path to addressing this issue, and
instead would like AD clients to include a session-specific value in
the NTLMv2 response, known a channel binding. Samba doesn't set this as
a client nor does it check this as a server, at this time.
I kn...
2024 Jun 05
1
Classicupgrade FL 2012_R2 NTLM/Kerberos logon
...elp you I need some more information. Are you migrating from a
Windows Server environment? If so, what version. I think a 2008_R2
domain level should not be much of an issue. From a security aspect you
can do a few things like only using SMB3 and strong encryption.
https://wiki.samba.org/index.php/Hardening_Samba_as_an_AD_DC
Darin
2024 May 17
1
Setting up Samba as a Domain Member when AD DC is set to enforced LDAP Signing
Hello,
I have configured a Samba server (Version 4.15.13-Ubuntu) as an Active
Directory domain member, and it joined successfully to the domain and it's
working fine, I have used the following Samba wiki:
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
Now, my customer decided to enforce the LDAP signing in the Active
Directory DC.
I can't find any specific setting
2024 Jun 06
2
Classicupgrade FL 2012_R2 NTLM/Kerberos logon
...ait before
moving to FL 2012_R2 at least until Samba 4.20 is released on FreeBSD
(currently only 4.19 is available), regardless of the migration method
we choose. I will replay the classicupgrade today after adapting my
Ansible playbooks accordingly.
>
> https://wiki.samba.org/index.php/Hardening_Samba_as_an_AD_DC
>
> Darin
>
Regards,