From 09b8816b8f733570f25d3d67365b611767e223ab Mon Sep 17 00:00:00 2001
From: Garming Sam <garming@catalyst.net.nz>
Date: Tue, 7 Jan 2014 17:55:35 +1300
Subject: [PATCH] param: fixup security default to AUTO to permit server role =
 domain member

When this is set to AUTO, it behaves as security = user unless server role = domain member has been set.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
---
 docs-xml/smbdotconf/security/security.xml | 2 +-
 source3/param/loadparm.c                  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs-xml/smbdotconf/security/security.xml b/docs-xml/smbdotconf/security/security.xml
index 2f5c3f73b03..5db1e0158c2 100644
--- a/docs-xml/smbdotconf/security/security.xml
+++ b/docs-xml/smbdotconf/security/security.xml
@@ -109,6 +109,6 @@
 <related>realm</related>
 <related>encrypt passwords</related>
 
-<value type="default">USER</value>
+<value type="default">AUTO</value>
 <value type="example">DOMAIN</value>
 </samba:parameter>
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index c5e94d494f7..126a29d4983 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -827,7 +827,7 @@ static void init_globals(bool reinit_globals)
 	Globals.srv_minprotocol = PROTOCOL_LANMAN1;
 	Globals.cli_maxprotocol = PROTOCOL_NT1;
 	Globals.cli_minprotocol = PROTOCOL_CORE;
-	Globals.security = SEC_USER;
+	Globals.security = SEC_AUTO;
 	Globals.encrypted_passwords = true;
 	Globals.client_schannel = Auto;
 	Globals.winbind_sealed_pipes = true;
-- 
2.11.4.GIT