| Line | |
|---|
| 1 | <samba:parameter name="allow trusted domains"
|
|---|
| 2 | context="G"
|
|---|
| 3 | type="boolean"
|
|---|
| 4 | advanced="1" developer="1"
|
|---|
| 5 | xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|---|
| 6 | <description>
|
|---|
| 7 | <para>
|
|---|
| 8 | This option only takes effect when the <smbconfoption name="security"/> option is set to
|
|---|
| 9 | <constant>server</constant>, <constant>domain</constant> or <constant>ads</constant>.
|
|---|
| 10 | If it is set to no, then attempts to connect to a resource from
|
|---|
| 11 | a domain or workgroup other than the one which smbd is running
|
|---|
| 12 | in will fail, even if that domain is trusted by the remote server
|
|---|
| 13 | doing the authentication.</para>
|
|---|
| 14 |
|
|---|
| 15 | <para>This is useful if you only want your Samba server to
|
|---|
| 16 | serve resources to users in the domain it is a member of. As
|
|---|
| 17 | an example, suppose that there are two domains DOMA and DOMB. DOMB
|
|---|
| 18 | is trusted by DOMA, which contains the Samba server. Under normal
|
|---|
| 19 | circumstances, a user with an account in DOMB can then access the
|
|---|
| 20 | resources of a UNIX account with the same account name on the
|
|---|
| 21 | Samba server even if they do not have an account in DOMA. This
|
|---|
| 22 | can make implementing a security boundary difficult.</para>
|
|---|
| 23 | </description>
|
|---|
| 24 |
|
|---|
| 25 | <value type="default">yes</value>
|
|---|
| 26 | </samba:parameter>
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
