From: Björn Jacke <bj@sernet.de>
Date: Fri, 2 Oct 2009 15:55:50 +0000 (+0200)
Subject: s3:doc: add some detail about lanman auth parameter
X-Git-Tag: talloc-2.0.1~157
X-Git-Url: http://git.samba.org/samba.git/?p=ira%2Fwip.git;a=commitdiff_plain;h=2aacca010da59c2521bddda3e004271008fe2b6f

s3:doc: add some detail about lanman auth parameter

add interesting detail: lm passwords will be removed from databaѕe with
lanman auth = no
---

diff --git a/docs-xml/smbdotconf/security/lanmanauth.xml b/docs-xml/smbdotconf/security/lanmanauth.xml
index 4e68c5e03aa..e055bd35f1a 100644
--- a/docs-xml/smbdotconf/security/lanmanauth.xml
+++ b/docs-xml/smbdotconf/security/lanmanauth.xml
@@ -16,6 +16,13 @@
     case-insensitive nature, and the choice of algorithm.  Servers
     without Windows 95/98/ME or MS DOS clients are advised to disable
     this option.  </para>
+
+    <para>When this parameter is set to <value>no</value> this
+    will also result in sambaLMPassword in Samba's passdb being
+    blanked after the next password change. As a result of that
+    lanman clients won't be able to authenticate, even if lanman
+    auth is reenabled later on.
+    </para>
 		
     <para>Unlike the <command moreinfo="none">encrypt
     passwords</command> option, this parameter cannot alter client