CA-408843: XSI-1852: Set encryption type of machine account #6403
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
liulinC
force-pushed
the
private/linl/etype
branch
from
04e6799 to
6583745
Compare
|
This xapi will require new version of samba. |
lindig
reviewed
Apr 3, 2025
edwintorok
reviewed
Apr 3, 2025
edwintorok
reviewed
Apr 3, 2025
liulinC
force-pushed
the
private/linl/etype
branch
from
6583745 to
ac0ea24
Compare
edwintorok
reviewed
Apr 8, 2025
liulinC
force-pushed
the
private/linl/etype
branch
2 times, most recently
from
726c764 to
1753219
Compare
changlei-li
approved these changes
Apr 9, 2025
liulinC
force-pushed
the
private/linl/etype
branch
from
1753219 to
0d49ea7
Compare
psafont
reviewed
Apr 9, 2025
According to https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/decrypting-the-selection-of-supported-kerberos-encryption-types/1628797 msDS-SupportedEncryptionTypes of machine account help to decide Service Ticket encryption type Some customer IT teams have strict encryption types limitation in their domains This commit add winbind_set_machine_account_kerberos_encryption_type and default to false. When enabled, xapi set the machine account encryption types consistent with the samba client Signed-off-by: Lin Liu <[email protected]>
liulinC
force-pushed
the
private/linl/etype
branch
from
0d49ea7 to
cbeb0fc
Compare
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
According to https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/decrypting-the-selection-of-supported-kerberos-encryption-types/1628797 msDS-SupportedEncryptionTypes of machine account help to decide Service Ticket encryption type
Some customer IT teams have strict encryption types limitation in their domains
This commit add winbind_set_machine_account_kerberos_encryption_type and default to false. When enabled, xapi set the machine account encryption types consistent with the samba client