docs/docbook/smbdotconf/security/serverschannel.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

<samba:parameter name="server schannel"
                 context="G"
                 basic="1"
		 xmlns:samba="http://samba.org/common">
<listitem>

    <para>This controls whether the server offers or even
    demands the use of the netlogon schannel.
    <parameter>server schannel = no</parameter> does not
    offer the schannel, <parameter>server schannel =
    auto</parameter> offers the schannel but does not
    enforce it, and <parameter>server schannel =
    yes</parameter> denies access if the client is not
    able to speak netlogon schannel. This is only the case
    for Windows NT4 before SP4.</para>

    <para>Please note that with this set to
    <parameter>no</parameter> you will have to apply the
    WindowsXP requireSignOrSeal-Registry patch found in
    the docs/Registry subdirectory.</para>

    <para>Default: <command>server schannel = auto</command></para>
    <para>Example: <command>server schannel = yes</command></para>
</listitem>
</samba:parameter>