git.samba.org / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
CVE-2016-2112: docs-xml: add "ldap server require strong auth" option
[samba.git] / lib / param / loadparm.c
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 9a3451f4e352a8f5527f5f35ee39b739e0f9dfb0..d26a3f819c19b5bca25b04c3a02a3e6274b7c2c3 100644 (file)
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2629,6 +2629,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
        lpcfg_do_global_parameter(lp_ctx, "ClientNTLMv2Auth", "True");
        lpcfg_do_global_parameter(lp_ctx, "LanmanAuth", "False");
        lpcfg_do_global_parameter(lp_ctx, "NTLMAuth", "True");
+       lpcfg_do_global_parameter(lp_ctx, "RawNTLMv2Auth", "False");
        lpcfg_do_global_parameter(lp_ctx, "client use spnego principal", "False");
 
        lpcfg_do_global_parameter(lp_ctx, "UnixExtensions", "True");
@@ -2809,6 +2810,8 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
 
        lpcfg_do_global_parameter(lp_ctx, "client ldap sasl wrapping", "sign");
 
+       lpcfg_do_global_parameter(lp_ctx, "ldap server require strong auth", "no");
+
        lpcfg_do_global_parameter(lp_ctx, "follow symlinks", "yes");
 
        lpcfg_do_global_parameter(lp_ctx, "machine password timeout", "604800");
Samba Shared Repository