diff options
author | Volker Lendecke <vlendec@samba.org> | 2003-04-04 15:21:04 +0000 |
---|---|---|
committer | Volker Lendecke <vlendec@samba.org> | 2003-04-04 15:21:04 +0000 |
commit | 02bb4e1b8ae931d9eefa2fbd4a6f5456aca99b2b (patch) | |
tree | 099bc90dbf63fd218f7f6d45cf88223b172c0c34 /docs/docbook/smbdotconf/security/serverschannel.xml | |
parent | d9613a1a3c37dca9f695b1361a0fd5d2b3f503cd (diff) | |
download | samba-02bb4e1b8ae931d9eefa2fbd4a6f5456aca99b2b.tar.gz samba-02bb4e1b8ae931d9eefa2fbd4a6f5456aca99b2b.tar.bz2 samba-02bb4e1b8ae931d9eefa2fbd4a6f5456aca99b2b.zip |
This is a merge of the NETLOGON schannel server code from Samba
TNG. Actually, it exists in the main Samba cvs tree in APPLIANCE_TNG
as I found out later :-)
It adds a new parameter: server schannel = yes/auto/no defaulting to
auto.
What does this mean to the user: No requireSignOrSeal registry patch
for XP anymore.
Many thanks for this code to Luke Leighton, Elrond and anybody else I
forgot to mention.
My next thing will be to see if this applies cleanly to 3_0.
Please test and comment!
Volker
(This used to be commit e1f953241eb020f19fe657f29afdae28dcf5a03b)
Diffstat (limited to 'docs/docbook/smbdotconf/security/serverschannel.xml')
-rw-r--r-- | docs/docbook/smbdotconf/security/serverschannel.xml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/serverschannel.xml b/docs/docbook/smbdotconf/security/serverschannel.xml new file mode 100644 index 0000000000..05261fa417 --- /dev/null +++ b/docs/docbook/smbdotconf/security/serverschannel.xml @@ -0,0 +1,24 @@ +<samba:parameter xmlns:samba="http://samba.org/common"> + <term><anchor id="SERVERSCHANNEL"/>server schannel (G)</term> + <listitem> + + <para>This controls whether the server offers or even + demands the use of the netlogon schannel. + <parameter>server schannel = no</parameter> does not + offer the schannel, <parameter>server schannel = + auto</parameter> offers the schannel but does not + enforce it, and <parameter>server schannel = + yes</parameter> denies access if the client is not + able to speak netlogon schannel. This is only the case + for Windows NT4 before SP4.</para> + + <para>Please note that with this set to + <parameter>no</parameter> you will have to apply the + WindowsXP requireSignOrSeal-Registry patch found in + the docs/Registry subdirectory.</para + + <para>Default: <command>server schannel = auto</command></para> + + <para>Example: <command>server schannel = yes</command>/para> + </listitem> + <samba:parameter>
\ No newline at end of file |