diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-02-03 18:03:10 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-03-04 23:33:05 +0100 |
| commit | d7bb961859a3501aec4d28842bfffb6190d19a73 (patch) | |
| tree | e472b543e1e88914fbcf7bf68a3e431ff7314afd /docs-xml/smbdotconf/security/serverrole.xml | |
| parent | acfa107ec64ceb6bf3a28df14585cfb0ccc79f41 (diff) | |
| download | samba-d7bb961859a3501aec4d28842bfffb6190d19a73.tar.gz samba-d7bb961859a3501aec4d28842bfffb6190d19a73.tar.bz2 samba-d7bb961859a3501aec4d28842bfffb6190d19a73.zip | |
s3-auth: Remove security=share (depricated since 3.6).
This patch removes security=share, which Samba implemented by matching
the per-share password provided by the client in the Tree Connect with
a selection of usernames supplied by the client, the smb.conf or
guessed from the environment.
The rationale for the removal is that for the bulk of security=share
users, we just we need a very simple way to run a 'trust the network'
Samba server, where users mark shares as guest ok. This is still
supported, and the smb.conf options are documented at
https://wiki.samba.org/index.php/Public_Samba_Server
At the same time, this closes the door on one of the most arcane areas
of Samba authentication.
Naturally, full user-name/password authentication remain available in
security=user and above.
This includes documentation updates for username and only user, which
now only do a small amount of what they used to do.
Andrew Bartlett
--------------
/ \
/ REST \
/ IN \
/ PEACE \
/ \
| SEC_SHARE |
| security=share |
| |
| |
| 5 March |
| |
| 2012 |
*| * * * | *
_________)/\\_//(\/(/\)/\//\/\///|_)_______
Diffstat (limited to 'docs-xml/smbdotconf/security/serverrole.xml')
| -rw-r--r-- | docs-xml/smbdotconf/security/serverrole.xml | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/docs-xml/smbdotconf/security/serverrole.xml b/docs-xml/smbdotconf/security/serverrole.xml index 5832887040..e4e65c297b 100644 --- a/docs-xml/smbdotconf/security/serverrole.xml +++ b/docs-xml/smbdotconf/security/serverrole.xml @@ -51,9 +51,6 @@ exist as well as the account on the Domain Controller to allow Samba to have a valid UNIX account to map file access to. Winbind can provide this.</para> - <para>See also the section <link linkend="VALIDATIONSECT"> - NOTE ABOUT USERNAME/PASSWORD VALIDATION</link>.</para> - <para><anchor id="DC"/><emphasis>SERVER ROLE = DOMAIN CONTROLLER</emphasis></para> <para>This mode of operation runs Samba as a domain controller, providing domain logon services to Windows and Samba clients of the domain. Clients must be joined to the domain to create a secure, trusted path across the network.</para> |