| commit | a9d543cdfce1d0ff2976a20bb8f15f68d9de0a41 | |
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | |
| Mon, 3 Apr 2023 04:49:50 +0000 (3 16:49 +1200) | ||
| committer | Andrew Bartlett <abartlet@samba.org> | |
| Wed, 21 Jun 2023 19:08:37 +0000 (21 19:08 +0000) | ||
| tree | 2243b75e7948fe27cfea1615eea7130312d40eee | treesnapshot (tar.gz zip) |
| parent | c95813374a4fa92b446041696baf617d7b19a7f2 | commitdiff |
s4:kdc: Gate claims, auth policies and NTLM restrctions behind 2012/2016 FLs
Samba security features like AD claims, Authentication Policies and
Authentication Silos are enabled once the DC is at the required functional level.
We comment at the callers of of dsdb_dc_functional_level() to explain
why we do this.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Samba security features like AD claims, Authentication Policies and
Authentication Silos are enabled once the DC is at the required functional level.
We comment at the callers of of dsdb_dc_functional_level() to explain
why we do this.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| WHATSNEW.txt | diffblobblamehistory | |
| source4/kdc/ad_claims.c | diffblobblamehistory | |
| source4/kdc/ad_claims.h | diffblobblamehistory | |
| source4/kdc/authn_policy_util.c | diffblobblamehistory |