search for: ldapenforcechannelbind

Displaying 12 results from an estimated 12 matches for "ldapenforcechannelbind".

2018 Mar 16
0
Samba, AD and devices compatibility...
...t.com/en-us/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements If they say 'just use SSL', then the allow_sasl_over_tls part of that option is to address this issue: https://support.microsoft.com/en-us/help/4034879/how-to-add-the-ldapenforcechannelbinding-registry-entry We (and likely they) don't support the channel bindings (patches welcome!), but the protocol flaw (no link between the SSL and the NTLM/Kerberos handshake inside) is the one we are trying to avoid. The manpage is vague because we fixed our implementation before they did the...
2024 Aug 02
0
[Announce] Samba 4.20.3 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. smb.conf changes ================ Parameter Name Description Default -------------- --...
2024 Aug 02
0
[Announce] Samba 4.20.3 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. smb.conf changes ================ Parameter Name Description Default -------------- --...
2024 Jul 29
1
[Announce] Samba 4.21.0rc1 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2024 Jul 29
1
[Announce] Samba 4.21.0rc1 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2018 Mar 14
2
Samba, AD and devices compatibility...
Mandi! Andrew Bartlett via samba In chel di` si favelave... > > This mean that the printer try to auth in LDAP 'plain' (no SSL, no > > TLS), and so samba refuse that? > No, it means that Samba is refusing to accept a NTLM or Kerberos > authenticated connection without SIGN or SEAL negotiated, as an > attacker could take over an unprotected network connection and do
2024 Aug 20
0
[Announce] Samba 4.21.0rc3 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2024 Aug 20
0
[Announce] Samba 4.21.0rc3 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2024 Aug 27
0
[Announce] Samba 4.21.0rc4 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2024 Aug 27
0
[Announce] Samba 4.21.0rc4 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2024 Sep 02
0
[Announce] Samba 4.21.0 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...
2024 Sep 02
0
[Announce] Samba 4.21.0 Available for Download
...rrect tls channel bindings are required 'ldap server require strong auth = allow_sasl_without_tls_channel_bindings' should be used now, as 'allow_sasl_over_tls' will generate a warning in every start of 'samba', as well as '[samba-tool ]testparm'. This is similar to LdapEnforceChannelBinding under HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters on Windows. All client tools using ldaps also include the correct channel bindings now. NEW FEATURES/CHANGES ==================== LDB no longer a standalone tarball ---------------------------------- LDB, Samba's LDAP-like loc...