This variable controls whether Samba clients will try
to use Simple and Protected NEGOciation (as specified by rfc2478) with
supporting servers (including WindowsXP, Windows2000 and Samba
3.0) to agree upon an authentication
mechanism. This enables Kerberos authentication in particular.
When is also set to
yes extended security (SPNEGO) is required
in order to use NTLMv2 only within NTLMSSP. This behavior was
introduced with the patches for CVE-2016-2111.
|Registry Path||Software\Policies\Samba\smb_conf\client use spnego|
|Value Name||client use spnego|