Disabling SMB1 by default
Rowland Penny
rpenny at samba.org
Wed Jun 21 08:08:14 UTC 2017
On Wed, 21 Jun 2017 15:28:51 +1200
Andrew Bartlett <abartlet at samba.org> wrote:
> On Tue, 2017-06-20 at 17:37 +0100, Rowland Penny via samba-technical
> wrote:
> >
> > I think that there may be a problem if SMB1 is disabled, probably
> > every
> > NT4-style domain will stop working after Samba is upgraded.
> >
> > Is this the time to admit that we need to stop supporting them ?
>
> Not until the last site stops using it (more or less).
>
> At the moment it isn't a high maintainence cost (every file server is
> a mini-DC under the hood, with the SAM anyway) and there is a lot of
> it still in use.
>
> I won't give examples in public, but I keep expecting it will just
> stop working and force a migration, and I keep finding that folks
> make it work and still have large organisations running on it!
>
> Hopefully some future work to make our AD DC scale as well as OpenLDAP
> and have more posix-helpful features will push more folks to finally
> switch it off, but the lifetime is still measured in years!
>
> Sorry,
>
> Andrew Bartlett
Hi Andrew, in which case, I think you better help this guy:
https://lists.samba.org/archive/samba/2017-June/209138.html
It looks like Samba may have already have broken classic domains.
I am not saying we should just announce that Samba no longer supports
classic domains. Samba should accept that keeping them working is
taking emphasis away from the core work of making AD better and as
such, Samba should announce that Classic domains are deprecated and
state a date when Samba will no longer support them.
It is not as if there isn't an upgrade path, but some people will not
upgrade unless you force them.
Rowland
More information about the samba-technical
mailing list