Depricate auth parameters in 3.6, remove in master?

[Andrew Bartlett]

I would like to remove in master (for the 4.0 release) the following
parameters, and to give our users fair warning, I would like these
marked as deprecated in 3.6:

security=share (per the discussion)
username (only part of security=share username guessing)
security=server
encrypt passwords = no
password level
update encrypted
use spnego = no
server schannel = no
auth methods
enable privileges = no
domain master = yes (when domain logons = no, ie not a DC)
null passwords = yes (the meaning of the ACB_NOPWREQ isn't what we
thought it was)

I would like to remove these in master, so that I can work to bring more
of our auth code in common, and by reducing the combinational complexity
I can better assure that the changes are well tested, and allow a
simpler long term solution. 

I would also like to deprecate the running of the smbd file server as a
domain member without winbindd running.  (It need not be providing
nsswitch, but having each connection contact the DC is very inefficient
and creates races we have to lock against etc). 

I'm not wed to any of the above, but removing these configuration
options would make it easier to merge the codebases for 4.0, which I
would like to start on again soon.  Over the next few months, we can
take feedback from our users running 3.6 about if we need to put any of
these features back, or explain better how to work around features we
remove. 

Thanks,

Andrew Bartlett

 
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.