From b4abd3faaf3bdcbcd24fed8325960ccdee43bea9 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sat, 12 May 2012 12:00:00 +0200 Subject: s3-auth: remove "security=server" (depricated since 3.6) "security=server" has a lot of problems in the world with modern security (ntlmv2 and krb5). It was also not very reliable, as it needed a stable connection to the password server for the lifetime of the whole client connection! Please use "security=domain" or "security=ads" is you authentication against remote servers (domain controllers). metze -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SERVER | | security=server | | | | | | 12 May | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______ --- source3/utils/testparm.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 9b224d4c1b..b75fc61b6e 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -129,11 +129,9 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); * Password server sanity checks. */ - if((lp_security() == SEC_SERVER || lp_security() >= SEC_DOMAIN) && !*lp_passwordserver()) { + if((lp_security() >= SEC_DOMAIN) && !*lp_passwordserver()) { const char *sec_setting; - if(lp_security() == SEC_SERVER) - sec_setting = "server"; - else if(lp_security() == SEC_DOMAIN) + if(lp_security() == SEC_DOMAIN) sec_setting = "domain"; else if(lp_security() == SEC_ADS) sec_setting = "ads"; -- cgit