Apparently we do support RA=2.

author Tim Potter <tpot@samba.org>

Thu, 1 May 2003 02:00:32 +0000 (02:00 +0000)

committer Tim Potter <tpot@samba.org>

Thu, 1 May 2003 02:00:32 +0000 (02:00 +0000)
author Tim Potter <tpot@samba.org>
Thu, 1 May 2003 02:00:32 +0000 (02:00 +0000)
committer Tim Potter <tpot@samba.org>
Thu, 1 May 2003 02:00:32 +0000 (02:00 +0000)
diff --git a/docs/docbook/smbdotconf/security/restrictanonymous.xml b/docs/docbook/smbdotconf/security/restrictanonymous.xml

index 3bd19833de28495cabcbd2a22098474783e9d374..803bc06b2bf784ef809353f8fad12bd33fb9888e 100644 (file)
--- a/docs/docbook/smbdotconf/security/restrictanonymous.xml
+++ b/docs/docbook/smbdotconf/security/restrictanonymous.xml
@@ -10,8 +10,15 @@
      2000 and Windows NT.  When set to 0, user and group list
      information is returned to anyone who asks.  When set
      to 1, only an authenticated user can retrive user and
-    group list information.  The value 2, supported by
-    Windows 2000 and higher, is not supported by Samba.
+    group list information.  For the value 2, supported by
+    Windows 2000/XP and Samba, no anonymous connections are allowed at
+    all.  This can break third party and Microsoft
+    applications which expect to be allowed to perform
+    operations anonymously.
+
+    The security advantage of using restrict anonymous = 1 is dubious,
+    as user and group list information can be obtained using other
+    means.
      </para>
  
      <para>Default: <command moreinfo="none">restrict anonymous = 0</command></para>
author	Tim Potter <tpot@samba.org>
	Thu, 1 May 2003 02:00:32 +0000 (02:00 +0000)
committer	Tim Potter <tpot@samba.org>
	Thu, 1 May 2003 02:00:32 +0000 (02:00 +0000)