From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 5 Sep 2019 04:55:23 +0000 (+1200)
Subject: docs: deprecate "client plaintext auth"
X-Git-Tag: talloc-2.3.2~840
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37583b19d2c3dbf3e9d0498a39b8b9d9c727e1d4;p=thirdparty%2Fsamba.git

docs: deprecate "client plaintext auth"

This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/docs-xml/smbdotconf/security/clientplaintextauth.xml b/docs-xml/smbdotconf/security/clientplaintextauth.xml
index 1c4d3566f82..5a51c33216c 100644
--- a/docs-xml/smbdotconf/security/clientplaintextauth.xml
+++ b/docs-xml/smbdotconf/security/clientplaintextauth.xml
@@ -1,8 +1,17 @@
 <samba:parameter name="client plaintext auth"
                  context="G"
                  type="boolean"
+		 deprecated="1"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
+    <para>This parameter has been deprecated since Samba 4.13 and
+    support for plaintext (as distinct from NTLM, NTLMv2 or
+    Kerberos authentication)
+    will be removed in a future Samba release.</para>
+    <para>That is, in the future, the current default of
+    <command>client plaintext auth = no</command>
+    will be the enforced behaviour.</para>
+
 	<para>Specifies whether a client should send a plaintext 
 		password if the server does not support encrypted passwords.</para>
 </description>