|
Last change
on this file was 988, checked in by Silvan Scherrer, 9 years ago |
|
Samba Server: update vendor to version 4.4.3
|
|
File size:
1.3 KB
|
| Line | |
|---|
| 1 | <samba:parameter name="restrict anonymous"
|
|---|
| 2 | type="integer"
|
|---|
| 3 | context="G"
|
|---|
| 4 | xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|---|
| 5 | <description>
|
|---|
| 6 | <para>The setting of this parameter determines whether user and
|
|---|
| 7 | group list information is returned for an anonymous connection.
|
|---|
| 8 | and mirrors the effects of the
|
|---|
| 9 | <programlisting>
|
|---|
| 10 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
|
|---|
| 11 | Control\LSA\RestrictAnonymous
|
|---|
| 12 | </programlisting>
|
|---|
| 13 | registry key in Windows 2000 and Windows NT. When set to 0, user
|
|---|
| 14 | and group list information is returned to anyone who asks. When set
|
|---|
| 15 | to 1, only an authenticated user can retrieve user and
|
|---|
| 16 | group list information. For the value 2, supported by
|
|---|
| 17 | Windows 2000/XP and Samba, no anonymous connections are allowed at
|
|---|
| 18 | all. This can break third party and Microsoft
|
|---|
| 19 | applications which expect to be allowed to perform
|
|---|
| 20 | operations anonymously.</para>
|
|---|
| 21 |
|
|---|
| 22 | <para>
|
|---|
| 23 | The security advantage of using restrict anonymous = 1 is dubious,
|
|---|
| 24 | as user and group list information can be obtained using other
|
|---|
| 25 | means.
|
|---|
| 26 | </para>
|
|---|
| 27 |
|
|---|
| 28 | <note>
|
|---|
| 29 | <para>
|
|---|
| 30 | The security advantage of using restrict anonymous = 2 is removed
|
|---|
| 31 | by setting <smbconfoption name="guest ok">yes</smbconfoption> on any share.
|
|---|
| 32 | </para>
|
|---|
| 33 | </note>
|
|---|
| 34 | </description>
|
|---|
| 35 |
|
|---|
| 36 | <value type="default">0</value>
|
|---|
| 37 | </samba:parameter>
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
