summaryrefslogtreecommitdiffstats
path: root/docs-xml/smbdotconf
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2014-09-05 17:38:38 +1200
committerStefan Metzmacher <metze@samba.org>2014-09-30 12:32:05 +0200
commitafe02d12f444ad9a6abf31a61f578320520263a9 (patch)
tree8826e55ffd9d93a8cde8db09679e9d147bee497a /docs-xml/smbdotconf
parente2cd3257141bd4a88cda1fff5bde9df60b253a97 (diff)
downloadsamba-afe02d12f444ad9a6abf31a61f578320520263a9.tar.gz
samba-afe02d12f444ad9a6abf31a61f578320520263a9.tar.xz
samba-afe02d12f444ad9a6abf31a61f578320520263a9.zip
winbindd: Change value of "ldap sasl wrapping" to sign
This is to disrupt MITM attacks between us and our DC Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'docs-xml/smbdotconf')
-rw-r--r--docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml8
1 files changed, 3 insertions, 5 deletions
diff --git a/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml b/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml
index 076b05ca16..e0ce700079 100644
--- a/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml
+++ b/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml
@@ -34,11 +34,9 @@
</para>
<para>
- The default value is <emphasis>plain</emphasis> which is not irritable
- to KRB5 clock skew errors. That implies synchronizing the time
- with the KDC in the case of using <emphasis>sign</emphasis> or
- <emphasis>seal</emphasis>.
+ The default value is <emphasis>sign</emphasis>. That implies synchronizing the time
+ with the KDC in the case of using <emphasis>Kerberos</emphasis>.
</para>
</description>
-<value type="default">plain</value>
+<value type="default">sign</value>
</samba:parameter>
generated by cgit (git 2.34.1) at 2024-09-24 02:16:37 +0000