| blob | 1ccf88e06f3e4f867bb71b32e0dbcf1fea74c2c9 |
1 <samba:parameter name="client use kerberos"
2 context="G"
3 type="enum"
4 function="_client_use_kerberos"
5 enumlist="enum_use_kerberos_vals"
6 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
7 <description>
8 <para>
9 This parameter determines whether Samba client tools will try
10 to authenticate using Kerberos. For Kerberos authentication you
11 need to use dns names instead of IP addresses when connecting
12 to a service.
13 </para>
15 <para>Possible option settings are:</para>
16 <itemizedlist>
17 <listitem>
18 <para>
19 <emphasis>desired</emphasis> - Kerberos
20 authentication will be tried first and if it fails it
21 automatically fallback to NTLM.
22 </para>
23 </listitem>
25 <listitem>
26 <para>
27 <emphasis>required</emphasis> - Kerberos
28 authentication will be required. There will be no
29 fallback to NTLM or a different alternative.
30 </para>
31 </listitem>
33 <listitem>
34 <para>
35 <emphasis>off</emphasis> - Don't use
36 Kerberos, use NTLM instead or another
37 alternative.
38 </para>
39 </listitem>
40 </itemizedlist>
42 <para>
43 In case that weak cryptography is not allowed (e.g. FIPS mode)
44 the default will be forced to <emphasis>required</emphasis>.
45 </para>
46 </description>
48 <value type="default">desired</value>
49 </samba:parameter>