Deprecate SMBv1 options and NT4-like domains for Samba 4.13?
Andrew Bartlett
abartlet at samba.org
Sat Aug 8 05:42:32 UTC 2020
On Sat, 2020-08-08 at 07:19 +0200, Andreas Schneider wrote:
> On Saturday, 8 August 2020 00:42:38 CEST Andrew Bartlett via samba-technical
> wrote:
> > On Wed, 2020-07-29 at 12:02 -0700, Jeremy Allison via samba-technical
> >
> > wrote:
> > > On Wed, Jul 01, 2020 at 03:19:19PM +1200, Andrew Bartlett via samba-
> > >
> > > technical wrote:
> > > > So I present to you this MR:
> > > >
> > > > https://gitlab.com/samba-team/samba/-/merge_requests/1398
> > > >
> > > > Parameter
> > > > Name Description Default
> > > > -------------- ----------- -----
> > > > -
> > > > domain logons Deprecated no
> > > > raw NTLMv2 auth Deprecated no
> > > > client plaintext auth Deprecated no
> > > > client NTLMv2 auth Deprecated yes
> > > > client lanman auth Deprecated no
> > > > client use spnego Deprecated yes
> > > >
> > > > If I get time I also hope to fold the only-used-by-attackers LMv2
> > > > into
> > > > "raw NTLMv2 auth", so we can remove both in 4.14.
> > >
> > > Sorry for the delay, just catching up on old stuff
> > > in my inbox :-).
> > >
> > > That looks good to me ! It's really good to start
> > > marking obsolete stuff as, well, obsolete :-).
> > >
> > > Anyone else got comments ?
> >
> > Can I get some further consensus here? I would really like to merge my
> > branch once I add the last required test, but I don't want to blindside
> > anyone.
>
> I'm fine with deprecating them. But we can't remove them in 4.14. We need more
> time to communicate that in the Linux Enterprise world so that customers have
> time to find a solution to migrate too.
Thanks,
Indeed this is deprecation only.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list