From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 5 Sep 2019 04:55:35 +0000 (+1200)
Subject: docs: deprecate "raw NTLMv2 auth"
X-Git-Tag: talloc-2.3.2~839
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8c9d9441edce2e8d7f0428d0ec5e209ed8a55dbc;p=thirdparty%2Fsamba.git

docs: deprecate "raw NTLMv2 auth"

This parameter is appicable only to SMBv1 and we are deprecating SMBv1 specific
authentication options for possible removal.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14460

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/docs-xml/smbdotconf/security/rawntlmv2auth.xml b/docs-xml/smbdotconf/security/rawntlmv2auth.xml
index 30e7280bc5d..c4d75546388 100644
--- a/docs-xml/smbdotconf/security/rawntlmv2auth.xml
+++ b/docs-xml/smbdotconf/security/rawntlmv2auth.xml
@@ -1,8 +1,16 @@
 <samba:parameter name="raw NTLMv2 auth"
                  context="G"
                  type="boolean"
+		 deprecated="1"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
+    <para>This parameter has been deprecated since Samba 4.13 and
+    support for NTLMv2 authentication without NTLMSSP will be removed
+    in a future Samba release.</para>
+    <para>That is, in the future, the current default of
+    <command>raw NTLMv2 auth = no</command>
+    will be the enforced behaviour.</para>
+
     <para>This parameter determines whether or not <citerefentry><refentrytitle>smbd</refentrytitle>
     <manvolnum>8</manvolnum></citerefentry> will allow SMB1 clients without
     extended security (without SPNEGO) to use NTLMv2 authentication.</para>