Forgotten from WHATSNEW: security=share and security=server removal
Michael Adam
obnox at smba.org
Wed Dec 19 16:15:06 MST 2012
Hi Andrew,
On 2012-12-20 at 10:01 +1100, Andrew Bartlett wrote:
> I just realised while explaining to other users what Samba 4.0 is and is
> not, that we forgot to mention that security=server and security=share
> went away in Samba 4.0. We should probably fix that.
Thanks for bringing this up.
The removal was at least mentioned in the "whitepaper":
http://wiki.samba.org/index.php/Samba_4.0_Whitepaper
which was referenced in the release notes.
Cheers - Michael
> Both of these security= options were neat hacks in their time, but like
> all hacks they came at a cost, particularly in the complexity of the
> internal code and their reliability in the face of clients that use
> NTLMv2 by default.
>
> For security=server, we recommend joining the domain and using
> security=ads (or server role = 'domain member'). For security=share the
> default security=user covers most use cases, but specifically for public
> servers see https://wiki.samba.org/index.php/Public_Samba_Server
>
> Andrew Bartlett
> --
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20121220/341d1451/attachment.pgp>
More information about the samba-technical
mailing list