summaryrefslogtreecommitdiffstats
path: root/docs-xml/smbdotconf/security/serversigning.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs-xml/smbdotconf/security/serversigning.xml')
-rw-r--r--docs-xml/smbdotconf/security/serversigning.xml29
1 files changed, 29 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/serversigning.xml b/docs-xml/smbdotconf/security/serversigning.xml
new file mode 100644
index 0000000..0b7755a
--- /dev/null
+++ b/docs-xml/smbdotconf/security/serversigning.xml
@@ -0,0 +1,29 @@
+<samba:parameter name="server signing"
+ context="G"
+ type="enum"
+ enumlist="enum_smb_signing_vals"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+
+ <para>This controls whether the client is allowed or required to use SMB1 and SMB2 signing. Possible values
+ are <emphasis>default</emphasis>, <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
+ and <emphasis>disabled</emphasis>.
+ </para>
+
+ <para>By default, and when smb signing is set to
+ <emphasis>default</emphasis>, smb signing is required when
+ <smbconfoption name="server role"/> is <emphasis>active directory
+ domain controller</emphasis> and disabled otherwise.</para>
+
+ <para>When set to auto, SMB1 signing is offered, but not enforced.
+ When set to mandatory, SMB1 signing is required and if set
+ to disabled, SMB signing is not offered either.</para>
+
+ <para>For the SMB2 protocol, by design, signing cannot be disabled. In the case
+ where SMB2 is negotiated, if this parameter is set to <emphasis>disabled</emphasis>,
+ it will be treated as <emphasis>auto</emphasis>. Setting it to <emphasis>mandatory</emphasis>
+ will still require SMB2 clients to use signing.</para>
+</description>
+
+<value type="default">default</value>
+</samba:parameter>
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 06:08:13 +0000