From bcd558eb50814dfdc68bf49f082f9f644651cb38 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 22 Mar 2017 12:11:26 +0100 Subject: [PATCH] docs-xml: change the default for "map untrusted to domain" to "auto" This makes the behaviour much more robust, particularly with forest child domains over one-way forest trusts. Sadly we don't support this kind of setup with our current ADDC, so there's no way to have automated tests for this behaviour, but at least we know it doesn't break any existing tests. BUG: https://bugzilla.samba.org/show_bug.cgi?id=8630 Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- .../smbdotconf/security/mapuntrustedtodomain.xml | 15 +++++++++++---- lib/param/loadparm.c | 2 ++ source3/param/loadparm.c | 2 +- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml index 095ce6e5760..f782a512204 100644 --- a/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml +++ b/docs-xml/smbdotconf/security/mapuntrustedtodomain.xml @@ -6,7 +6,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - With auto + By default, and with auto smbd will defer the decision whether the domain name provided by the client is a valid domain name to the Domain Controller (DC) of the domain it is a member of, if it is not a DC. If the DC indicates @@ -16,7 +16,7 @@ - By default, and with no, + With no, if a client connects to smbd using an untrusted domain name, such as BOGUS\user, smbd replaces the BOGUS domain with it's SAM name (forcing local authentication) before @@ -38,11 +38,18 @@ This will be DOMAIN\user in all server roles except active directory domain controller. + + no, + was the default up to Samba 4.6. + + auto was added - with Samba 4.7.0. + and become the default with Samba 4.7.0. As the option is marked as + deprecated it will be removed in a future release, while the behavior of + auto will be kept. -no +auto 
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index 860f3e2c96c..9f32d7b27b0 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -2835,6 +2835,8 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lpcfg_do_global_parameter(lp_ctx, "guest account", GUEST_ACCOUNT); + lpcfg_do_global_parameter(lp_ctx, "map untrusted to domain", "auto"); + lpcfg_do_global_parameter(lp_ctx, "client schannel", "auto"); lpcfg_do_global_parameter(lp_ctx, "smb encrypt", "default"); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 91ecba88ad8..297a7e9175a 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -859,7 +859,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.min_receivefile_size = 0; - Globals.map_untrusted_to_domain = false; + Globals.map_untrusted_to_domain = Auto; Globals.multicast_dns_register = true; Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
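Review bot: The added `lpcfg_do_global_parameter(lp_ctx, "map untrusted to domain", "auto");` in loadparm_init() sets a default that decides who validates a client-supplied domain name, but it carries no comment. The same default now lives in three places: here, in init_globals() in source3/param/loadparm.c, and in the default value in mapuntrustedtodomain.xml. I would add a comment above the call such as `/* "auto": a domain member lets its DC decide whether the client's domain name is valid; keep in sync with source3 init_globals() and mapuntrustedtodomain.xml */` so a later change does not update only one of them. loadparm_init() begins and ends outside the hunk.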
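Review bot: `Globals.map_untrusted_to_domain = Auto;` replaces a boolean literal with a tri-state constant, so it is only correct if the field is no longer declared as `bool`. The declaration is outside this hunk and should be confirmed, since with a `bool` field `Auto` would presumably collapse to `true`. The assignment also changes the authentication path for every domain member whose smb.conf does not set the option, and the commit message says the forest-trust case has no automated test. It therefore deserves a comment, e.g. `/* Auto since 4.7.0: on a domain member the DC decides whether the client's domain is known; "map untrusted to domain = no" restores the old local-SAM mapping */`. init_globals() starts and ends outside the hunk.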