Lpcfg_do_global_parameter: WARNING

TRHH · 28 December 2025 05:31

Below an an internal Samba process message (3 X WARNING) when running testparm

WARNING: The "..." option is deprecated: This is the key part; older options are no longer recommended (e.g., encrypt passwords) because newer security standards exist (like smb3).

I am running Dietpi (Trixie) and everything is updated (SW).

Not sure what action is needed?

root@DietPi:~# testparm -s
Load smb config files from /etc/samba/smb.conf
lpcfg_do_global_parameter: WARNING: The "syslog only" option is deprecated
lpcfg_do_global_parameter: WARNING: The "syslog" option is deprecated
lpcfg_do_global_parameter: WARNING: The "encrypt passwords" option is deprecated
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM as a compatibility fallback)

Server role: ROLE_STANDALONE

# Global parameters
[global]
        disable spoolss = Yes
        dns proxy = No
        load printers = No
        log file = /var/log/samba/log.%m
        map to guest = Bad User
        max log size = 1000
        obey pam restrictions = Yes
        pam password change = Yes
        panic action = /usr/share/samba/panic-action %d
        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
        passwd program = /usr/bin/passwd %u
        printcap name = /dev/null
        security = USER
        server string = %h server
        syslog = 0
        unix password sync = Yes
        idmap config * : backend = tdb


[DietPi]
        comment = DietPi Share
        create mask = 0664
        directory mask = 0775
        max connections = 32
        path = /mnt/dietpi_userdata
        read only = No
        valid users = root
root@DietPi:~#

Below /etc/samba/smb.conf

[global]

	workgroup = WORKGROUP
	server string = %h server
	dns proxy = no
	log file = /var/log/samba/log.%m
	max log size = 1000
	syslog only = no
	syslog = 0

	panic action = /usr/share/samba/panic-action %d

	security = user
	encrypt passwords = true
	passdb backend = tdbsam
	obey pam restrictions = yes
	unix password sync = yes

	passwd program = /usr/bin/passwd %u
	passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
	pam password change = yes
	map to guest = bad user

	load printers = no
	printcap name = /dev/null
	disable spoolss = yes

[DietPi]
	comment = DietPi Share
	path = /mnt/dietpi_userdata
	browseable = yes
	create mask = 0664
	directory mask = 0775
	valid users = root
	writeable = yes
max connections = 32

Thanks and a happy new year

Torben

Jappe · 28 December 2025 10:20

No action is needed, samba is working as expected, it’s just a warning about a deprecated options. This warning is only informative.

DietPi uses “old” options to stay compatible with older client versions.

It probably complains about:

syslog only = no
syslog = 0
encrypt passwords = true

You could just remove these lines, logging is managed by log file option and encrypted passwords are default since SMBv2.
If you remove these lines you probably want to add

server min protocol = SMB2
client min protocol = SMB2