Depricate auth parameters in 3.6, remove in master?
yaberger at ca.ibm.com
yaberger at ca.ibm.com
Tue Feb 8 09:38:05 MST 2011
Hi Andrew,
Regarding this post on samba-technical mailing list
http://lists.samba.org/archive/samba-technical/2011-January/076053.html
We are still using these two settings on different SMB services:
security = share
encrypt passwords = no
For "security = share", it's a public SMB service that provides read-only
or write-only access.
No id/password need to be provided but this would not be the case with
"security = user" from my understanding.
Is it possible to provide the same kind of SMB service without security =
share?
As for "encrypt password = no", well... we have plans to get rid of it but
we currently rely on PAM authentication (which needs to be clear text) and
DCE behind PAM for authentication/authorization.
We're still many months away from replacing DCE by a LDAP/KRB solution.
The current discussion regarding the release of Samba 4.0 and the future
of Samba 3.x is also getting my attention.
As I would enjoy to see the release of Samba 4.0 and understand that the
focus should be toward this one , I'm hoping that Samba 3.x last release
to remain in maintenance mode / security fixes only for a longer period.
Current status is:
Samba 3.0 - discontinued
Samba 3.2 - discontinued
Samba 3.3 - security fixes only
Samba 3.4 - maintenance mode
Samba 3.5 - current series
Samba 3.6 - upcoming release series
Once 3.6 is released, I'm expecting to see:
Samba 3.3 - discontinued
Samba 3.4 - security fixes only
Samba 3.5 - maintenance mode
Samba 3.6 - current series
But after that, depending on the release planning and schedule, it could
become a problem for us.
Lets just imagine that 4.0 could be released on January 2012 and 3.6 is
the last 3.x release.
With a 9 months release schedule, 4.2 could be out in mid 2013.
Samba statement of maintenance would looks like:
Samba 3.6 - discontinued
Samba 4.0 - security fixes only
Samba 4.1 - maintenance mode
Samba 4.2 - current series
Will we have removed our dependency on these two settings in mid 2013?
I hope... But it's possible we'll not have completed our transition.
Best regards,
Yannick Bergeron
yaberger at ca.ibm.com
IT Specialist
AIX / Samba / Load Balancer / DCE/DFS / SCM / Apache / Security / Perl
scripting / etc.
More information about the samba-technical
mailing list