Change Samba to always use extended security for it's guest logins, (ie,

NTLMSSP with "" username, NULL password), and add --machine-pass (-P) to all of Samba's clients. When connecting to an Active Directory DC, you must initiate the CIFS level session setup with Kerberos, not a guest login. If you don't, your machine account is demoted to NT4. Andrew Bartlett (This used to be commit 3547cb3def45a90f99f67829a533eac1ccba5e77)
author: Andrew Bartlett <abartlet@samba.org> 2003-08-14 01:08:00 +0000
committer: Andrew Bartlett <abartlet@samba.org> 2003-08-14 01:08:00 +0000
commit: 172766eea7a374e910ea91c857fcce45996783a2 (patch)
tree: f666ba3739092714c6175f8e1adf834fa68f0f00 /source3/libsmb/smbencrypt.c
parent: 1eb7fe8eaf9306e9ef1447a6b47a5b91df8584cb (diff)
download: samba-172766eea7a374e910ea91c857fcce45996783a2.tar.gz
samba-172766eea7a374e910ea91c857fcce45996783a2.tar.bz2
samba-172766eea7a374e910ea91c857fcce45996783a2.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 7a1a2d7d18..ada6a423f2 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -247,7 +247,7 @@ BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[
 	return True;
 }
 
-/* Does the md5 encryption from the NT hash for NTLMv2. */
+/* Does the md5 encryption from the Key Response for NTLMv2. */
 void SMBOWFencrypt_ntv2(const uchar kr[16],
 			const DATA_BLOB *srv_chal,
 			const DATA_BLOB *cli_chal,
author	Andrew Bartlett <abartlet@samba.org>	2003-08-14 01:08:00 +0000
committer	Andrew Bartlett <abartlet@samba.org>	2003-08-14 01:08:00 +0000
commit	172766eea7a374e910ea91c857fcce45996783a2 (patch)
tree	f666ba3739092714c6175f8e1adf834fa68f0f00 /source3/libsmb/smbencrypt.c
parent	1eb7fe8eaf9306e9ef1447a6b47a5b91df8584cb (diff)
download	samba-172766eea7a374e910ea91c857fcce45996783a2.tar.gz samba-172766eea7a374e910ea91c857fcce45996783a2.tar.bz2 samba-172766eea7a374e910ea91c857fcce45996783a2.zip