diff options
-rw-r--r-- | docs-xml/smbdotconf/security/serverschannel.xml | 13 | ||||
-rw-r--r-- | lib/param/loadparm.c | 2 | ||||
-rw-r--r-- | source3/param/loadparm.c | 2 |
3 files changed, 13 insertions, 4 deletions
diff --git a/docs-xml/smbdotconf/security/serverschannel.xml b/docs-xml/smbdotconf/security/serverschannel.xml index a2dca1bbdb4..489492d79b1 100644 --- a/docs-xml/smbdotconf/security/serverschannel.xml +++ b/docs-xml/smbdotconf/security/serverschannel.xml @@ -2,8 +2,17 @@ context="G" type="enum" enumlist="enum_bool_auto" + deprecated="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> + + <para> + This option is deprecated with Samba 4.8 and will be removed in future. + At the same time the default changed to yes, which will be the + hardcoded behavior in future. If you have the need for the behavior of "auto" + to be kept, please file a bug at https://bugzilla.samba.org. + </para> + <para> This controls whether the server offers or even demands the use of the netlogon schannel. <smbconfoption name="server schannel">no</smbconfoption> does not offer the schannel, <smbconfoption @@ -18,6 +27,6 @@ </para> </description> -<value type="default">auto</value> -<value type="example">yes</value> +<value type="default">yes</value> +<value type="example">auto</value> </samba:parameter> diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index f6ee112c127..a18407d9c07 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -2784,7 +2784,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lpcfg_do_global_parameter(lp_ctx, "winbind nss info", "template"); - lpcfg_do_global_parameter(lp_ctx, "server schannel", "Auto"); + lpcfg_do_global_parameter(lp_ctx, "server schannel", "True"); lpcfg_do_global_parameter(lp_ctx, "short preserve case", "True"); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 9f79f132def..582c8756ffa 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -654,7 +654,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.client_schannel = true; Globals.winbind_sealed_pipes = true; Globals.require_strong_key = true; - Globals.server_schannel = Auto; + Globals.server_schannel = true; Globals.read_raw = true; Globals.write_raw = true; Globals.null_passwords = false; |