diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-06-01 06:40:35 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-06-01 06:40:35 +0000 |
| commit | c49b32e492580f774ef7faa323e244749196027d (patch) | |
| tree | 773c61fc89af061a9ea22b08f0629eb99e725a58 /docs/docbook/smbdotconf/security/restrictanonymous.xml | |
| parent | 72cc0c82c415c872e270d924c795d6ac907a32fb (diff) | |
| download | samba-c49b32e492580f774ef7faa323e244749196027d.tar.gz samba-c49b32e492580f774ef7faa323e244749196027d.tar.bz2 samba-c49b32e492580f774ef7faa323e244749196027d.zip | |
Update the doco on 'restrict anonymous' (note that 'guest ok' kills off the
benifit of RA=2), explain better what 'ntlm auth' and 'lanman auth' do, and
fix use spnego - all win2k clients use spnego.
Work on the client-side still needs to be done, but I realised that I need
to add a paramter to close off all plaintext authentication before documenting
'client lanman auth' will make any sense.
Andrew Bartlett
(This used to be commit f264846537d7aa66e7bbb71c17bf215dc23f07e2)
Diffstat (limited to 'docs/docbook/smbdotconf/security/restrictanonymous.xml')
| -rw-r--r-- | docs/docbook/smbdotconf/security/restrictanonymous.xml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/restrictanonymous.xml b/docs/docbook/smbdotconf/security/restrictanonymous.xml index 803bc06b2b..8ec860c17e 100644 --- a/docs/docbook/smbdotconf/security/restrictanonymous.xml +++ b/docs/docbook/smbdotconf/security/restrictanonymous.xml @@ -19,6 +19,11 @@ The security advantage of using restrict anonymous = 1 is dubious, as user and group list information can be obtained using other means. + + The security advantage of using restrict anonymous = 2 is removed + by setting <link linkend="GUESTOK"><parameter moreinfo="none">guest + ok</parameter></link> = yes</para> on any share. + </para> <para>Default: <command moreinfo="none">restrict anonymous = 0</command></para> |