On Fri, 2002-11-22 at 08:00, Andrew Bartlett wrote: > On Fri, 2002-11-22 at 07:42, SALOME Alexandre wrote: > > Hi, > > this is a ploblem? (of /usr/local/samba/lib/var/log/log.xxxxxx) > > > > > > 2002/11/21 17:41:02, 0] smbd/nttrans.c:(1762) > > call_nt_transact_ioctl: Currently not implemented. > > 2002/11/21 17:41:06, 0] smbd/reply.c:(888) > > restrict anonymous is True and anonymous connection attempted. Denying > > access. > > Don't set 'restrict anonymous' in 2.2 - it is completely broken, and > does break things...
To clarify this a little. 'restrict anonymous' in 2.2 behaves exactly as per the manpage. This isn't what most people expect, and has all the side-effects described in the manpage. In Samba 3.0, we have implemented 'restrict anonymous' in terms of the MS registry key of the same name. The new behavior increases system security by restricting anonymous access to information. This is what people expect that setting to do, and should help to reduce some confusion. (This is also why I called the 2.2 code broken - it sounds like a security setting, but in 2.2 it doesn't provide a security benefit) Unfortunately the documentation there hasn't caught up, but I'll at least remove the erroneous part when I commit support for 'restrict anonymous = 2' shortly. (Getting all this fixed is one of the big things we need to audit before 3.0 goes gold). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
