From 172766eea7a374e910ea91c857fcce45996783a2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 14 Aug 2003 01:08:00 +0000 Subject: Change Samba to always use extended security for it's guest logins, (ie, NTLMSSP with "" username, NULL password), and add --machine-pass (-P) to all of Samba's clients. When connecting to an Active Directory DC, you must initiate the CIFS level session setup with Kerberos, not a guest login. If you don't, your machine account is demoted to NT4. Andrew Bartlett (This used to be commit 3547cb3def45a90f99f67829a533eac1ccba5e77) --- source3/rpc_client/cli_pipe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_client/cli_pipe.c') diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 5467c022f2..52395b39c9 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1586,7 +1586,7 @@ NTSTATUS cli_nt_setup_netsec(struct cli_state *cli, int sec_chan, const uchar trust_password[16]) { NTSTATUS result; - uint32 neg_flags = 0x000001ff; + uint32 neg_flags = 0x000701ff; cli->pipe_auth_flags = 0; if (lp_client_schannel() == False) { -- cgit