1 <samba:parameter name="send spnego principal"
4 advanced="1" developer="1"
5 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
7 <para>This parameter determines whether or not
8 <citerefentry><refentrytitle>smbd</refentrytitle>
9 <manvolnum>8</manvolnum></citerefentry> will send the
10 server-supplied principal sometimes given in the SPNEGO
13 <para>If enabled, Samba can attempt to help clients to use
14 Kerberos to contact it, even when known only by IP address or a
15 name not registered with our KDC as a service principal name.
16 Kerberos relies on names, so ordinarily cannot function in this
19 <para>If disabled, Samba will send the string
20 not_defined_in_RFC4178@please_ignore as the 'rfc4178 hint',
21 following the updated RFC and Windows 2008 behaviour in this area.
24 <para>Note that Windows XP SP2 and later versions already ignored
25 this value in all circumstances. </para>
27 <value type="default">no</value>