Forgotten from WHATSNEW: security=share and security=server removal

Michael Adam obnox at
Wed Dec 19 16:15:06 MST 2012

Hi Andrew,

On 2012-12-20 at 10:01 +1100, Andrew Bartlett wrote:
> I just realised while explaining to other users what Samba 4.0 is and is
> not, that we forgot to mention that security=server and security=share
> went away in Samba 4.0.  We should probably fix that.

Thanks for bringing this up.

The removal was at least mentioned in the "whitepaper":

which was referenced in the release notes.

Cheers - Michael

> Both of these security= options were neat hacks in their time, but like
> all hacks they came at a cost, particularly in the complexity of the
> internal code and their reliability in the face of clients that use
> NTLMv2 by default.  
> For security=server, we recommend joining the domain and using
> security=ads (or server role = 'domain member').  For security=share the
> default security=user covers most use cases, but specifically for public
> servers see
> Andrew Bartlett
> -- 
> Andrew Bartlett                      
> Authentication Developer, Samba Team 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <>

More information about the samba-technical mailing list