From 8daa83a594a2e98f39d764422bfbdbc62c9efd44 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 19:20:00 +0200 Subject: Adding upstream version 2:4.20.0+dfsg. Signed-off-by: Daniel Baumann --- docs-xml/smbdotconf/security/clientusekerberos.xml | 49 ++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 docs-xml/smbdotconf/security/clientusekerberos.xml (limited to 'docs-xml/smbdotconf/security/clientusekerberos.xml') diff --git a/docs-xml/smbdotconf/security/clientusekerberos.xml b/docs-xml/smbdotconf/security/clientusekerberos.xml new file mode 100644 index 0000000..1ccf88e --- /dev/null +++ b/docs-xml/smbdotconf/security/clientusekerberos.xml @@ -0,0 +1,49 @@ + + + + This parameter determines whether Samba client tools will try + to authenticate using Kerberos. For Kerberos authentication you + need to use dns names instead of IP addresses when connecting + to a service. + + + Possible option settings are: + + + + desired - Kerberos + authentication will be tried first and if it fails it + automatically fallback to NTLM. + + + + + + required - Kerberos + authentication will be required. There will be no + fallback to NTLM or a different alternative. + + + + + + off - Don't use + Kerberos, use NTLM instead or another + alternative. + + + + + + In case that weak cryptography is not allowed (e.g. FIPS mode) + the default will be forced to required. + + + +desired + -- cgit v1.2.3