Link to home
Start Free TrialLog in
Avatar of PaulADavis
PaulADavisFlag for United States of America

asked on

SMB Signing

How does SMB signing work for 2008/2012 servers that are not joined to a domain. In particular, i'm looking to set it to require digital signing always and i'd like to have a better understanding of the implications of doing that with non-domain joined servers.
How exactly is communication digitally signed? What mechanism is used and how will systems not in the same workgroup/domain react?
ASKER CERTIFIED SOLUTION
Avatar of Cliff Galiher
Cliff Galiher
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of PaulADavis

ASKER

Thanks Cliff. Do you know what is used to generate the key?
I don't specifically. Windows has a few standard API for generating such things so I'd assume it uses one of those mechanisms. I doubt they'd write their own non-standard variant.  But I don't know for sure, nor which API they'd likely have used.
I found this: https://blogs.msdn.microsoft.com/chiranth/2013/09/20/ntlm-want-to-know-how-it-works/ 
So looks like it uses credentials to generate a hash. That is the information that I was looking to confirm.

Thanks again Cliff.