Depricate auth parameters in 3.6, remove in master?

Gennady G. Marchenko gennady.marchenko at itv.ru
Mon Jan 31 02:50:04 MST 2011


Hi Andrew

 >enable privileges = no
Why need delete this? As example I use this to delegate privil to user 
on multiple BDC... So i realy NEED to set this parameter to "yes".


Gennady.

> I would like to remove in master (for the 4.0 release) the following
> parameters, and to give our users fair warning, I would like these
> marked as deprecated in 3.6:
>
> security=share (per the discussion)
> username (only part of security=share username guessing)
> security=server
> encrypt passwords = no
> password level
> update encrypted
> use spnego = no
> server schannel = no
> auth methods
> enable privileges = no
> domain master = yes (when domain logons = no, ie not a DC)
> null passwords = yes (the meaning of the ACB_NOPWREQ isn't what we
> thought it was)
>
> I would like to remove these in master, so that I can work to bring more
> of our auth code in common, and by reducing the combinational complexity
> I can better assure that the changes are well tested, and allow a
> simpler long term solution.
>
> I would also like to deprecate the running of the smbd file server as a
> domain member without winbindd running.  (It need not be providing
> nsswitch, but having each connection contact the DC is very inefficient
> and creates races we have to lock against etc).
>
> I'm not wed to any of the above, but removing these configuration
> options would make it easier to merge the codebases for 4.0, which I
> would like to start on again soon.  Over the next few months, we can
> take feedback from our users running 3.6 about if we need to put any of
> these features back, or explain better how to work around features we
> remove.
>
> Thanks,
>
> Andrew Bartlett
>
>



More information about the samba-technical mailing list