Ok, I talked to somebody from the Samba team, and was told: === cut === > > When I use a Windows client to connect to a NT style domain run on a > > number of Samba servers, and then connect to a share on a domain > > server, is the domain server authenticated to the client in any form? Only if the client demands smb signing, and the server offers it. Yeah, this sucks for security - currently only DCs demand that their clients connect with smb signing, and I don't know how to force a client to demand signing (or refuse to connect) :-) === cut === So, if I read this correctly, it should be possible to setup a domain client to use smb signing in order to authenticate the server, but I don't know how to do it. Authentication occurs in the other direction, that is the domain controller authenticates the client before the client is trusted. -- Brian May <bam at snoopy.apana.org.au> wpkg-users mailing list wpkg-users at lists.wpkg.org http://lists.wpkg.org/mailman/listinfo/wpkg-users |