|
|
In Win2k
A W2K server does not do this by default. W2K3 server expects to be used in a 'native environment' and thus acts this way per default.
I think the implications of this 'hint' are to be overlooked, since a mailicious machine must be a Samba client of some sort or a Windows client bound to Active Directory and have access to a known AD user's login and password, or at least know the ip-address of your AD servers and have access to a known AD user's login and password in order to do much.
Of course you will need to secure your subnet by turning off outside connections to your servers via ftp, telnet and smb.
This all said, this is still a corner stone in getting Single Sign-On, SSO, working for Mac OS X and Windows clients alike with your W2K3 Active Directory. -At least when integrating Open Directory services with AD servers through the LDAPv3 plugin. I do not know if this is actually the case with the AD plugin but expect it to be.
And yes: client ntlmv2 auth = yes works!!
For more information on Kerberos SSO and Mac OS X with W2K3 AD
In Win2k
This is a cool hint. Very helpful. We finally figured it out a while back - but it had us stumped for a LONG time.
But how do I make sure that our Macs are using NTLMv2 to connect? All running 10.3.8.
In Win2k
in /etc/ssmb.conf ensure that : |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.09 seconds |
|