Changeset 221 for branches/samba-3.3.x/docs-xml
- Timestamp:
- May 24, 2009, 7:17:10 AM (16 years ago)
- Location:
- branches/samba-3.3.x/docs-xml
- Files:
-
- 23 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/samba-3.3.x/docs-xml/archives/THANKS
r217 r221 87 87 with a variety of environments (such as Windows, Windows NT and 88 88 Unix), tools and application areas, and can provide assistance for 89 development work ranging from a few days to tomultiple man-year89 development work ranging from a few days to multiple man-year 90 90 projects. You can find more information at http://www.metrics.com/. 91 91 -
branches/samba-3.3.x/docs-xml/manpages-3/eventlogadm.8.xml
r217 r221 92 92 <listitem><para> 93 93 The <command>-o write</command> reads event log 94 records from standard input and writes them to the Samba94 records from standard input and writes them to the Samba 95 95 event log store named by EVENTLOG. 96 96 </para> </listitem> … … 181 181 182 182 <listitem><para> 183 <command>SRN</command> - he name of the machine on183 <command>SRN</command> - The name of the machine on 184 184 which the eventlog was generated. This is typically the 185 185 host name. -
branches/samba-3.3.x/docs-xml/manpages-3/mount.cifs.8.xml
r217 r221 44 44 45 45 <para> 46 The mount.cifs utility attaches the UNC name (exported network resource) to 47 the local directory <emphasis>mount-point</emphasis>. It is possible to set the mode for mount.cifs to 48 setuid root to allow non-root users to mount shares to directories for which they 49 have write permission. 46 The mount.cifs utility attaches the UNC name (exported network resource) 47 specified as <emphasis>service</emphasis> (using //server/share syntax, 48 where "server" is the server name or IP address and "share" is the name 49 of the share) to the local directory <emphasis>mount-point</emphasis>. 50 It is possible to set the mode for mount.cifs to setuid root to allow 51 non-root users to mount shares to directories for which they 52 have write permission. 50 53 </para> 51 54 … … 138 141 the server supports the Unix Extensions then the uid 139 142 and gid can be retrieved from the server (and uid 140 and gid would not have to be specif ed on the mount.143 and gid would not have to be specified on the mount. 141 144 For servers which do not support the CIFS Unix 142 145 extensions, the default uid (and gid) returned on lookup … … 370 373 <listitem><para>Do not allow POSIX ACL operations even if server would support them.</para><para> 371 374 The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to Samba servers 372 version 3. 10 and later. Setting POSIX ACLs requires enabling both XATTR and375 version 3.0.10 and later. Setting POSIX ACLs requires enabling both XATTR and 373 376 then POSIX support in the CIFS configuration options when building the cifs 374 module. POSIX ACL support can be disabled on a per mount basi cby specifying377 module. POSIX ACL support can be disabled on a per mount basis by specifying 375 378 "noacl" on mount.</para> 376 379 </listitem> -
branches/samba-3.3.x/docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml
r217 r221 118 118 </varlistentry> 119 119 120 <varlistentry> 121 <term>smb_traffic_analyzer:total_anonymization = STRING</term> 122 <listitem> 123 <para>If STRING matches to 'yes', the module will replace 124 any user name with the string given by the option 125 smb_traffic_analyzer:anonymize_prefix, without generating 126 an additional hash number. This means that any transfer data 127 will be mapped to a single user, leading to a total 128 anonymization of user related data.</para> 129 </listitem> 130 </varlistentry> 120 131 121 132 </variablelist> -
branches/samba-3.3.x/docs-xml/smbdotconf/browse/enhancedbrowsing.xml
r217 r221 18 18 <para>You may wish to disable this option if you have a problem with empty 19 19 workgroups not disappearing from browse lists. Due to the restrictions 20 of the browse protocols these enhancements can cause a empty workgroup20 of the browse protocols, these enhancements can cause a empty workgroup 21 21 to stay around forever which can be annoying.</para> 22 22 -
branches/samba-3.3.x/docs-xml/smbdotconf/ldap/ldapssl.xml
r217 r221 14 14 15 15 <para>LDAP connections should be secured where possible. This may be 16 done setting eitherthis parameter to16 done setting <emphasis>either</emphasis> this parameter to 17 17 <parameter moreinfo="none">Start_tls</parameter> 18 orby specifying <parameter moreinfo="none">ldaps://</parameter> in18 <emphasis>or</emphasis> by specifying <parameter moreinfo="none">ldaps://</parameter> in 19 19 the URL argument of <smbconfoption name="passdb backend"/>.</para> 20 20 … … 33 33 </listitem> 34 34 </itemizedlist> 35 <para> 36 Please note that this parameter does only affect <emphasis>rpc</emphasis> 37 methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for 38 <emphasis>ads</emphasis>, set 39 <smbconfoption name="ldap ssl">yes</smbconfoption> 40 <emphasis>and</emphasis> 41 <smbconfoption name="ldap ssl ads">yes</smbconfoption>. 42 See <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum> 43 for more information on <smbconfoption name="ldap ssl ads"/>. 44 </para> 45 35 46 </description> 36 47 <value type="default">start tls</value> -
branches/samba-3.3.x/docs-xml/smbdotconf/locking/strictlocking.xml
r217 r221 13 13 When strict locking is set to Auto (the default), the server performs file lock checks only on non-oplocked files. 14 14 As most Windows redirectors perform file locking checks locally on oplocked files this is a good trade off for 15 i nproved performance.15 improved performance. 16 16 </para> 17 17 -
branches/samba-3.3.x/docs-xml/smbdotconf/misc/remoteannounce.xml
r217 r221 7 7 <para> 8 8 This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle> 9 <manvolnum>8</manvolnum></citerefentry> to periodically announce itself9 <manvolnum>8</manvolnum></citerefentry> to periodically announce itself 10 10 to arbitrary IP addresses with an arbitrary workgroup name. 11 11 </para> … … 24 24 the above line would cause <command moreinfo="none">nmbd</command> to announce itself 25 25 to the two given IP addresses using the given workgroup names. If you leave out the 26 workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter26 workgroup name, then the one given in the <smbconfoption name="workgroup"/> parameter 27 27 is used instead. 28 28 </para> -
branches/samba-3.3.x/docs-xml/smbdotconf/misc/usershareallowguests.xml
r217 r221 9 9 of allowing people who can create a share the option of setting 10 10 <parameter moreinfo="none">guest ok = yes</parameter> in a share 11 definition. Due to the security sensitive nature of thisthe default11 definition. Due to its security sensitive nature, the default 12 12 is set to off.</para> 13 13 -
branches/samba-3.3.x/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml
r217 r221 7 7 <para>This parameter specifies a list of absolute pathnames 8 8 the root of which are allowed to be exported by user defined share definitions. 9 If the pathname exported doesn't start with one of the strings in this10 list the user defined share will not be allowed. This allows the Samba9 If the pathname to be exported doesn't start with one of the strings in this 10 list, the user defined share will not be allowed. This allows the Samba 11 11 administrator to restrict the directories on the system that can be 12 12 exported by user defined shares. -
branches/samba-3.3.x/docs-xml/smbdotconf/misc/usersharetemplateshare.xml
r217 r221 6 6 <description> 7 7 <para>User defined shares only have limited possible parameters 8 such as path, guest ok etc. This parameter allows usershares to8 such as path, guest ok, etc. This parameter allows usershares to 9 9 "cloned" from an existing share. If "usershare template share" 10 10 is set to the name of an existing share, then all usershares -
branches/samba-3.3.x/docs-xml/smbdotconf/printing/useclientdriver.xml
r217 r221 30 30 to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped 31 31 to PRINTER_ACCESS_USE instead. Thus allowing the OpenPrinterEx() 32 call to succeed. <emphasis>This parameter MUST not be ableenabled32 call to succeed. <emphasis>This parameter MUST not be enabled 33 33 on a print share which has valid print driver installed on the Samba 34 34 server.</emphasis></para> -
branches/samba-3.3.x/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml
r217 r221 22 22 discovered at close time, which is too late for the Windows user tools to display an error message 23 23 to the user. The symptom of this is files that appear to have been deleted "magically" re-appearing 24 on a Windows explorer ref ersh. This is an extremely advanced protocol option which should not24 on a Windows explorer refresh. This is an extremely advanced protocol option which should not 25 25 need to be changed. This parameter was introduced in its final form in 3.0.21, an earlier version 26 26 with slightly different semantics was introduced in 3.0.20. That older version is not documented here. -
branches/samba-3.3.x/docs-xml/smbdotconf/protocol/enableasusupport.xml
r217 r221 6 6 <description> 7 7 <para>Hosts running the "Advanced Server for Unix (ASU)" product 8 require some special accomodations such as creating a builtin g[ADMIN$]8 require some special accomodations such as creating a builtin [ADMIN$] 9 9 share that only supports IPC connections. The has been the default 10 10 behavior in smbd for many years. However, certain Microsoft applications -
branches/samba-3.3.x/docs-xml/smbdotconf/security/clientlanmanauth.xml
r217 r221 12 12 Windows 95/98) will be able to be connected from the Samba client.</para> 13 13 14 <para>The LANMAN encrypted response is easily broken, due to it 's14 <para>The LANMAN encrypted response is easily broken, due to its 15 15 case-insensitive nature, and the choice of algorithm. Clients 16 16 without Windows 95/98 servers are advised to disable -
branches/samba-3.3.x/docs-xml/smbdotconf/security/clientsigning.xml
r217 r221 5 5 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> 6 6 <description> 7 <para>This controls whether the client offers or requires 8 the server it talks to to use SMB signing. Possible values 7 <para>This controls whether the client is allowed or required to use SMB signing. Possible values 9 8 are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> 10 9 and <emphasis>disabled</emphasis>. -
branches/samba-3.3.x/docs-xml/smbdotconf/security/lanmanauth.xml
r217 r221 13 13 connect to the Samba host.</para> 14 14 15 <para>The LANMAN encrypted response is easily broken, due to it 's15 <para>The LANMAN encrypted response is easily broken, due to its 16 16 case-insensitive nature, and the choice of algorithm. Servers 17 17 without Windows 95/98/ME or MS DOS clients are advised to disable -
branches/samba-3.3.x/docs-xml/smbdotconf/security/passwordserver.xml
r217 r221 8 8 or Active Directory domain controller with this option, 9 9 and using <command moreinfo="none">security = [ads|domain|server]</command> 10 it is possible to get Samba to10 it is possible to get Samba 11 11 to do all its username/password validation using a specific remote server.</para> 12 12 -
branches/samba-3.3.x/docs-xml/smbdotconf/security/security.xml
r217 r221 48 48 is commonly used for a shared printer server. It is more difficult 49 49 to setup guest shares with <command moreinfo="none">security = user</command>, see 50 the <smbconfoption name="map to guest"/> parameter for details.</para>50 the <smbconfoption name="map to guest"/> parameter for details.</para> 51 51 52 52 <para>It is possible to use <command moreinfo="none">smbd</command> in a <emphasis> … … 59 59 <para><anchor id="SECURITYEQUALSSHARE"/><emphasis>SECURITY = SHARE</emphasis></para> 60 60 61 <para>When clients connect to a share level security server they61 <para>When clients connect to a share level security server, they 62 62 need not log onto the server with a valid username and password before 63 63 attempting to connect to a shared resource (although modern clients … … 212 212 213 213 <note><para>From the client's point of 214 view <command moreinfo="none">security = server</command> is the214 view, <command moreinfo="none">security = server</command> is the 215 215 same as <command moreinfo="none">security = user</command>. It 216 216 only affects how the server deals with the authentication, it does -
branches/samba-3.3.x/docs-xml/smbdotconf/security/serverschannel.xml
r217 r221 14 14 15 15 <para> 16 Please note that with this set to <literal>no</literal> you will have to apply the WindowsXP16 Please note that with this set to <literal>no</literal>, you will have to apply the WindowsXP 17 17 <filename>WinXP_SignOrSeal.reg</filename> registry patch found in the docs/registry subdirectory of the Samba distribution tarball. 18 18 </para> -
branches/samba-3.3.x/docs-xml/smbdotconf/security/serversigning.xml
r217 r221 6 6 <description> 7 7 8 <para>This controls whether the server offers or requires 9 the client it talks to to use SMB signing. Possible values 8 <para>This controls whether the client is allowed or required to use SMB signing. Possible values 10 9 are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> 11 10 and <emphasis>disabled</emphasis>. -
branches/samba-3.3.x/docs-xml/smbdotconf/security/smbencrypt.xml
r217 r221 17 17 </para> 18 18 19 <para>This controls whether the server offers or requires 20 the client it talks to to use SMB encryption. Possible values 19 <para>This controls whether the remote client is allowed or required to use SMB encryption. Possible values 21 20 are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> 22 21 and <emphasis>disabled</emphasis>. This may be set on a per-share -
branches/samba-3.3.x/docs-xml/smbdotconf/security/updateencrypted.xml
r217 r221 10 10 password in the smbpasswd file to be updated automatically as they log on. This option allows a site to 11 11 migrate from plaintext password authentication (users authenticate with plaintext password over the 12 wire, and are checked against a UNIX account atabase) to encrypted password authentication (the SMB12 wire, and are checked against a UNIX account database) to encrypted password authentication (the SMB 13 13 challenge/response authentication mechanism) without forcing all users to re-enter their passwords via 14 14 smbpasswd at the time the change is made. This is a convenience option to allow the change over to encrypted … … 25 25 26 26 <para> 27 Note that even when this parameter is set a user authenticating to <command moreinfo="none">smbd</command>27 Note that even when this parameter is set, a user authenticating to <command moreinfo="none">smbd</command> 28 28 must still enter a valid password in order to connect correctly, and to update their hashed (smbpasswd) 29 29 passwords.
Note:
See TracChangeset
for help on using the changeset viewer.