diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-06-19 10:48:49 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-12-13 20:34:23 +0100 |
commit | 443984b8292e08f64c9af7794883d6434f8cf5db (patch) | |
tree | 155e8010bbcc6ec4318ec84da8acaea77783d34b /docs-xml | |
parent | e7bc23e44c014645964539aaf19892a8a187c4a4 (diff) | |
download | samba-443984b8292e08f64c9af7794883d6434f8cf5db.tar.gz |
docs-xml: remove unused "map untrusted to domain" option
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'docs-xml')
-rw-r--r-- | docs-xml/smbdotconf/security/mapuntrustedtodomain.xml | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml deleted file mode 100644 index f782a512204..00000000000 --- a/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml +++ /dev/null @@ -1,55 +0,0 @@ -<samba:parameter name="map untrusted to domain" - context="G" - type="enum" - enumlist="enum_bool_auto" - deprecated="1" - xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> -<description> - <para> - By default, and with <smbconfoption name="map untrusted to domain">auto</smbconfoption> - smbd will defer the decision whether the domain name provided by the - client is a valid domain name to the Domain Controller (DC) of - the domain it is a member of, if it is not a DC. If the DC indicates - that the domain portion is unknown, then a local authentication is performed. - Standalone servers always ignore the domain. This is basically the same as - the behavior implemented in Windows. - </para> - - <para> - With <smbconfoption name="map untrusted to domain">no</smbconfoption>, - if a client connects to smbd using an untrusted domain name, such as - BOGUS\user, smbd replaces the BOGUS domain with it's SAM name - (forcing local authentication) before - attempting to authenticate that user. In the case where smbd is acting as - a NT4 PDC/BDC this will be DOMAIN\user. In the case where smbd is acting as a - domain member server or a standalone server this will be WORKSTATION\user. - While this appears similar to the behaviour of - <smbconfoption name="map untrusted to domain">auto</smbconfoption>, - the difference is that smbd will use a cached (maybe incomplete) list - of trusted domains in order to classify a domain as "untrusted" - before contacting any DC first. - </para> - - <para> - With <smbconfoption name="map untrusted to domain">yes</smbconfoption>, - smbd provides the legacy behavior matching that of versions of Samba pre 3.4: - the BOGUS domain name would always be replaced by the - primary domain before attempting to authenticate that user. - This will be DOMAIN\user in all server roles except active directory domain controller. - </para> - - <para> - <smbconfoption name="map untrusted to domain">no</smbconfoption>, - was the default up to Samba 4.6. - </para> - - <para> - <smbconfoption name="map untrusted to domain">auto</smbconfoption> was added - and become the default with Samba 4.7.0. As the option is marked as - <constant>deprecated</constant> it will be removed in a future release, while the behavior of - <smbconfoption name="map untrusted to domain">auto</smbconfoption> will be kept. - </para> -</description> - -<value type="default">auto</value> -</samba:parameter> |