similar to: LDAP Migration

Hi All, Well, despite my general idiocy I've managed to get PDC and roving profiles working perfectly in my test situation. Obviously, this isn't good enough since computers are the devil, so I've run into some more problems. Fortunately for the Samba team, this isn't a problem with Samba - I think it's more a problem with how our network is set up here. Basically,

It is my understanding that roving profiles cannot be implemented without using encrypted passwords. It is also my understanding that encrypted passwords cannot be implemented without pointing smb.conf to a windows password server. I'm trying to set up a samba server on a Linux (RedHat 7.3) to act as a PDC and a provider for roving profiles - when I do things with cleartext (encryption

Hello, we migrate from Samba 2.2 to Samba 3.020b. We have the problem now, that some clients can not connect to the Samba Server. In the log there are messages like that: [2006/02/23 08:49:20, 2] smbd/sesssetup.c:setup_new_vc_session(704) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2006/02/23 08:49:20, 2] auth/pampass.c:smb_pam_auth(514)

Hi, I'm looking for some help to migrate from plain text to encrypted passwords. I'm using smbpasswd for authentication on a FreeBSD 4.9 server with samba 2.2.8. When we set up our server, we had Win95 clients with plain text passwords. As we introduced Win98 clients, we just kept with the plain text passwords. Now we are looking at XP clients and enctrypted passwords. My understanding

Hi, we have following situation: I migrated our company mailserver from POP3 only to dovecot with IMAP and POP. We need to have unencrypted POP3 from our internal network, and the subnet our mailserver is in. Additionally, we now want to allow encrypted IMAP from the internet (for some defined accounts), preferably with TLS (which means I open Port 143 in our firewall). Now, how can I

I'm terribly sorry for the double-post, but it seems there was a problem with the attachments the first time around. Here goes the second attempt. Am 07.01.19 um 15:58 schrieb René Bräuer via samba: > Hello everyone, > > I'm trying to mount a CIFS share served by Windows 10 Samba with encryption. > > On the Windows server side, I made a regular share and told Windows via

Hi, Is it possible to configure Dovecot to reject mail that is not encrypted. In other words: 1. If the user tries to send an unencrypted message from their MUA, the server rejects it. 2. If a third-party tries to send an unencrypted message to the user, the server rejects it. The end result would be that no mail stored on the server can be decrypted by the administrator. I am aware that: *

I was excited to update my system to CentOS 7.3/1611 yesterday when the release announcement came through, but since then I've been running into some serious kernel issues. I've been successfully running 7.2 on a Thinkpad X301 for about 6 months now, with an encrypted disk that unlocks with a password at boot time. I think that's LUKS on LVM? I didn't tinker with the default

Hello everyone, I'm trying to mount a CIFS share served by Windows 10 Samba with encryption. On the Windows server side, I made a regular share and told Windows via Powershell command Set-SmbServerConfiguration -EncryptData 1 to encrypt the data if possible, and via Set-SmbServerConfiguration -RejectUnencryptedAccess 1 to reject unencrypted connections instead of negotiating an unencrypted

Hi David, I don't know how to do what you want with dovecot, but what you are asking is easy and straightforward with Postfix. Postfix can easily be configured to feed mail through a milter ("mail filter") interface. You would just need to write a milter (there is a nice python library) that checks if the messages is "encrypted" to your specifications and tells Postfix

On 10/29/24 3:08 PM, Hans van Leeuwen wrote: > Kerberos is used to encrypt the SMB packages. encryption is done with one of the supported encryption ciphers like AES-CCM or AES-GCM. Encryption keys are derived from key material established when a connection is authenticated via NTLM or Kerberos, but generally the authentication protocol used (NTLM or Kerberos) is independent from

Hello, Now I'm trying to move the LDAP backend from the master OpenLDAP server to a slave one. The ACL rules for all directories requires a "ssf = 112" (Security Strength Factor) just to be sure that all connections are properly encrypted. Also the slave directory has a referral directive pointing the master directory. Samba works perfectly with the slave directory except when

https://bugzilla.mindrot.org/show_bug.cgi?id=1430 Summary: Restore support for "none" cipher, i.e., unencrypted connections Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Other Status: NEW Severity: normal Priority: P2

Hello man smb.conf encrypt passwords says: "This boolean controls whether encrypted passwords will be negotiated with the client. Note that Windows NT 4.0 SP3 and above and also Windows 98 will by default expect encrypted passwords unless a registry entry is changed." What does this mean? From my point of view it can mean 4 totally different things: 1) That when I run smbd with

On Sat, 11 Nov 2017 11:02:31 +0100 "Stefan G. Weichinger via samba" <samba at lists.samba.org> wrote: > > A customer asked me if someone would be able to sniff (wireshark or > something like that) a password if plugging into the same switch as > their samba server. > > They use a desktop icon pointing at a plain old bat-file containing a > "net

Hello, I'm using geli on laptop PC with only one HDD. Disk is divided into two slices, ad0s1 and ad0s2. Second slice (ad0s2) is encrypted with GEOM ELI using two-factor authentication - passphrase plus keyfile on USB drive. FreeBSD is installed on ad0s2.eli and first slice is not used by this system so let's say that I've got a full disk encryption. Now my question - is it safe

I've documented a desire to do this for a while, time to actually follow through and support connecting as a client to a TCP server. Note that it is desirable to support the plugin connecting to an encrypted server over TCP, then exposing the raw data over a local Unix socket; that aspect requires yet more work, left for another day. But even allowing an old-style client to connect to an

Machine info- (names are netbios names) LINUXBOX OS: LFS-4.1 Linux SAMBA 2.2.8 No CUPS installed Ran SWAT once just to get a basic config file, no shares from this machine. DESKTOP OS: Windows XP Home SP1 Sharing a HP Deskjet 648C through LPT1 Sharing is enabled on LAN connection Only has one user, Mike, that has no password I can do "smbclient -L DESKTOP" and it will list its shares.

* Change the title so it's informative and searchable. * Remove references to the non-libnbd plugin. * Headings for examples. * Correct reference to qemu-nbd(8) man page. * General copy-editing to improve readability. * Change style in places so it matches other manual pages. --- plugins/nbd/nbdkit-nbd-plugin.pod | 192 +++++++++++++++++------------- 1 file changed, 109 insertions(+), 83

* Change the title so it's informative and searchable. * Remove references to the non-libnbd plugin. * Headings for examples. * Correct reference to qemu-nbd(8) man page. * General copy-editing to improve readability. * Change style in places so it matches other manual pages. --- plugins/nbd/nbdkit-nbd-plugin.pod | 192 +++++++++++++++++------------- 1 file changed, 109 insertions(+), 83