+<samba:parameter name="client ipc signing"
+ context="G"
+ type="enum"
+ function="_client_ipc_signing"
+ enumlist="enum_smb_signing_vals"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>This controls whether the client is allowed or required to use SMB signing for IPC$
+ connections as DCERPC transport. Possible values
+ are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
+ and <emphasis>disabled</emphasis>.
+ </para>
+
+ <para>The default value is the same as the effective value of
+ <smbconfoption name="client signing"/> if the effective value of
+ <smbconfoption name="client ipc min protocol"/> is
+ <constant>NT1</constant>. In any other case the default value is
+ <constant>mandatory</constant>.</para>
+
+ <para>Note that the default value will be changed to <constant>mandatory</constant>
+ in all cases for Samba 4.5</para>
+
+ <para>When the effective value of this option is <constant>mandatory</constant>, SMB signing is required.</para>
+
+ <para>When set to auto, SMB signing is offered, but not enforced and if set
+ to disabled, SMB signing is not offered either.</para>
+
+ <para>Connections from winbindd to Active Directory Domain Controllers
+ always enforce signing.</para>
+</description>
+
+<related>client signing</related>
+
+<value type="default">default</value>
+</samba:parameter>