blob: 0b7755acf19455badc053fff9635ba5b9257c521 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
<samba:parameter name="server signing"
context="G"
type="enum"
enumlist="enum_smb_signing_vals"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This controls whether the client is allowed or required to use SMB1 and SMB2 signing. Possible values
are <emphasis>default</emphasis>, <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
and <emphasis>disabled</emphasis>.
</para>
<para>By default, and when smb signing is set to
<emphasis>default</emphasis>, smb signing is required when
<smbconfoption name="server role"/> is <emphasis>active directory
domain controller</emphasis> and disabled otherwise.</para>
<para>When set to auto, SMB1 signing is offered, but not enforced.
When set to mandatory, SMB1 signing is required and if set
to disabled, SMB signing is not offered either.</para>
<para>For the SMB2 protocol, by design, signing cannot be disabled. In the case
where SMB2 is negotiated, if this parameter is set to <emphasis>disabled</emphasis>,
it will be treated as <emphasis>auto</emphasis>. Setting it to <emphasis>mandatory</emphasis>
will still require SMB2 clients to use signing.</para>
</description>
<value type="default">default</value>
</samba:parameter>
|
