Ignore:
Timestamp:
May 24, 2009, 7:17:10 AM (16 years ago)
Author:
Herwig Bauernfeind
Message:

Update Samba 3.3 to 3.3.1

Location:
branches/samba-3.3.x/docs-xml
Files:
23 edited

Legend:

Unmodified
Added
Removed
  • branches/samba-3.3.x/docs-xml/archives/THANKS

    r217 r221  
    8787    with a variety of environments (such as Windows, Windows NT and
    8888    Unix), tools and application areas, and can provide assistance for
    89     development work ranging from a few days to to multiple man-year
     89    development work ranging from a few days to multiple man-year
    9090    projects.  You can find more information at http://www.metrics.com/.
    9191   
  • branches/samba-3.3.x/docs-xml/manpages-3/eventlogadm.8.xml

    r217 r221  
    9292                <listitem><para>
    9393                The <command>-o write</command> reads event log
    94                 records from standard input and writes them to theSamba
     94                records from standard input and writes them to the Samba
    9595                event log store named by EVENTLOG.
    9696                </para> </listitem>
     
    181181
    182182                <listitem><para>
    183                 <command>SRN</command> - he name of the machine on
     183                <command>SRN</command> - The name of the machine on
    184184                which the eventlog was generated. This is typically the
    185185                host name.
  • branches/samba-3.3.x/docs-xml/manpages-3/mount.cifs.8.xml

    r217 r221  
    4444
    4545        <para>
    46         The mount.cifs utility attaches the UNC name (exported network resource) to
    47         the local directory <emphasis>mount-point</emphasis>. It is possible to set the mode for mount.cifs to
    48 setuid root to allow non-root users to mount shares to directories for which they
    49 have write permission.
     46        The mount.cifs utility attaches the UNC name (exported network resource)
     47        specified as <emphasis>service</emphasis> (using //server/share syntax,
     48        where "server" is the server name or IP address and "share" is the name
     49        of the share) to the local directory <emphasis>mount-point</emphasis>.
     50        It is possible to set the mode for mount.cifs to setuid root to allow
     51        non-root users to mount shares to directories for which they
     52        have write permission.
    5053        </para>
    5154
     
    138141                the server supports the Unix Extensions then the uid
    139142                and gid can be retrieved from the server (and uid
    140                 and gid would not have to be specifed on the mount.
     143                and gid would not have to be specified on the mount.
    141144                For servers which do not support the CIFS Unix
    142145                extensions, the default uid (and gid) returned on lookup
     
    370373                <listitem><para>Do not allow POSIX ACL operations even if server would support them.</para><para>
    371374                The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to Samba servers
    372                 version 3.10 and later.  Setting POSIX ACLs requires enabling both XATTR and
     375                version 3.0.10 and later.  Setting POSIX ACLs requires enabling both XATTR and
    373376                then POSIX support in the CIFS configuration options when building the cifs
    374                 module.  POSIX ACL support can be disabled on a per mount basic by specifying
     377                module.  POSIX ACL support can be disabled on a per mount basis by specifying
    375378                "noacl" on mount.</para>
    376379                </listitem>
  • branches/samba-3.3.x/docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml

    r217 r221  
    118118                </varlistentry>
    119119
     120                <varlistentry>
     121                <term>smb_traffic_analyzer:total_anonymization = STRING</term>
     122                <listitem>
     123                <para>If STRING matches to 'yes', the module will replace
     124                any user name with the string given by the option
     125                smb_traffic_analyzer:anonymize_prefix, without generating
     126                an additional hash number. This means that any transfer data
     127                will be mapped to a single user, leading to a total
     128                anonymization of user related data.</para>
     129                </listitem>
     130                </varlistentry>
    120131
    121132        </variablelist>
  • branches/samba-3.3.x/docs-xml/smbdotconf/browse/enhancedbrowsing.xml

    r217 r221  
    1818        <para>You may wish to disable this option if you have a problem with empty
    1919        workgroups not disappearing from browse lists. Due to the restrictions
    20         of the browse protocols these enhancements can cause a empty workgroup
     20        of the browse protocols, these enhancements can cause a empty workgroup
    2121        to stay around forever which can be annoying.</para>
    2222
  • branches/samba-3.3.x/docs-xml/smbdotconf/ldap/ldapssl.xml

    r217 r221  
    1414
    1515        <para>LDAP connections should be secured where possible. This may be
    16         done setting either this parameter to
     16        done setting <emphasis>either</emphasis> this parameter to
    1717        <parameter moreinfo="none">Start_tls</parameter>
    18         or by specifying <parameter moreinfo="none">ldaps://</parameter> in
     18        <emphasis>or</emphasis> by specifying <parameter moreinfo="none">ldaps://</parameter> in
    1919        the URL argument of <smbconfoption name="passdb backend"/>.</para>
    2020
     
    3333                </listitem>
    3434        </itemizedlist>
     35        <para>
     36        Please note that this parameter does only affect <emphasis>rpc</emphasis>
     37        methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for
     38        <emphasis>ads</emphasis>, set
     39        <smbconfoption name="ldap ssl">yes</smbconfoption>
     40        <emphasis>and</emphasis>
     41        <smbconfoption name="ldap ssl ads">yes</smbconfoption>.
     42        See <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
     43        for more information on <smbconfoption name="ldap ssl ads"/>.
     44        </para>
     45
    3546</description>
    3647<value type="default">start tls</value>
  • branches/samba-3.3.x/docs-xml/smbdotconf/locking/strictlocking.xml

    r217 r221  
    1313        When strict locking is set to Auto (the default), the server performs file lock checks only on non-oplocked files.
    1414        As most Windows redirectors perform file locking checks locally on oplocked files this is a good trade off for
    15         inproved performance.
     15        improved performance.
    1616        </para>
    1717
  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/remoteannounce.xml

    r217 r221  
    77        <para>
    88        This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
    9         <manvolnum>8</manvolnum></citerefentry>to periodically announce itself
     9        <manvolnum>8</manvolnum></citerefentry> to periodically announce itself
    1010        to arbitrary IP addresses with an arbitrary workgroup name.
    1111        </para>
     
    2424        the above line would cause <command moreinfo="none">nmbd</command> to announce itself
    2525        to the two given IP addresses using the given workgroup names. If you leave out the
    26         workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter
     26        workgroup name, then the one given in the <smbconfoption name="workgroup"/> parameter
    2727        is used instead.
    2828        </para>
  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/usershareallowguests.xml

    r217 r221  
    99        of allowing people who can create a share the option of setting
    1010        <parameter moreinfo="none">guest ok = yes</parameter> in a share
    11         definition. Due to the security sensitive nature of this the default
     11        definition. Due to its security sensitive nature, the default
    1212        is set to off.</para>
    1313
  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml

    r217 r221  
    77        <para>This parameter specifies a list of absolute pathnames
    88        the root of which are allowed to be exported by user defined share definitions.
    9         If the pathname exported doesn't start with one of the strings in this
    10         list the user defined share will not be allowed. This allows the Samba
     9        If the pathname to be exported doesn't start with one of the strings in this
     10        list, the user defined share will not be allowed. This allows the Samba
    1111        administrator to restrict the directories on the system that can be
    1212        exported by user defined shares.
  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/usersharetemplateshare.xml

    r217 r221  
    66<description>
    77        <para>User defined shares only have limited possible parameters
    8         such as path, guest ok etc. This parameter allows usershares to
     8        such as path, guest ok, etc. This parameter allows usershares to
    99        "cloned" from an existing share. If "usershare template share"
    1010        is set to the name of an existing share, then all usershares
  • branches/samba-3.3.x/docs-xml/smbdotconf/printing/useclientdriver.xml

    r217 r221  
    3030    to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped
    3131    to PRINTER_ACCESS_USE instead.  Thus allowing the OpenPrinterEx()
    32     call to succeed.  <emphasis>This parameter MUST not be able enabled
     32    call to succeed.  <emphasis>This parameter MUST not be enabled
    3333    on a print share which has valid print driver installed on the Samba
    3434        server.</emphasis></para>
  • branches/samba-3.3.x/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml

    r217 r221  
    2222    discovered at close time, which is too late for the Windows user tools to display an error message
    2323    to the user. The symptom of this is files that appear to have been deleted "magically" re-appearing
    24     on a Windows explorer refersh. This is an extremely advanced protocol option which should not
     24    on a Windows explorer refresh. This is an extremely advanced protocol option which should not
    2525    need to be changed. This parameter was introduced in its final form in 3.0.21, an earlier version
    2626    with slightly different semantics was introduced in 3.0.20. That older version is not documented here.
  • branches/samba-3.3.x/docs-xml/smbdotconf/protocol/enableasusupport.xml

    r217 r221  
    66<description>
    77    <para>Hosts running the "Advanced Server for Unix (ASU)" product
    8     require some special accomodations such as creating a builting [ADMIN$]
     8    require some special accomodations such as creating a builtin [ADMIN$]
    99    share that only supports IPC connections.  The has been the default
    1010    behavior in smbd for many years.  However, certain Microsoft applications
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/clientlanmanauth.xml

    r217 r221  
    1212    Windows 95/98) will be able to be connected from the Samba client.</para>
    1313
    14     <para>The LANMAN encrypted response is easily broken, due to it's
     14    <para>The LANMAN encrypted response is easily broken, due to its
    1515    case-insensitive nature, and the choice of algorithm.  Clients
    1616    without Windows 95/98 servers are advised to disable
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/clientsigning.xml

    r217 r221  
    55                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
    66<description>
    7     <para>This controls whether the client offers or requires
    8     the server it talks to to use SMB signing. Possible values
     7    <para>This controls whether the client is allowed or required to use SMB signing. Possible values
    98    are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
    109    and <emphasis>disabled</emphasis>.
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/lanmanauth.xml

    r217 r221  
    1313    connect to the Samba host.</para>
    1414
    15     <para>The LANMAN encrypted response is easily broken, due to it's
     15    <para>The LANMAN encrypted response is easily broken, due to its
    1616    case-insensitive nature, and the choice of algorithm.  Servers
    1717    without Windows 95/98/ME or MS DOS clients are advised to disable
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/passwordserver.xml

    r217 r221  
    88    or Active Directory domain controller with this option,
    99    and using <command moreinfo="none">security = [ads|domain|server]</command>
    10     it is possible to get Samba to
     10    it is possible to get Samba
    1111    to do all its username/password validation using a specific remote server.</para>
    1212
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/security.xml

    r217 r221  
    4848    is commonly used for a shared printer server. It is more difficult
    4949    to setup guest shares with <command moreinfo="none">security = user</command>, see
    50     the <smbconfoption name="map to guest"/>parameter for details.</para>
     50    the <smbconfoption name="map to guest"/> parameter for details.</para>
    5151               
    5252    <para>It is possible to use <command moreinfo="none">smbd</command> in a <emphasis>
     
    5959    <para><anchor id="SECURITYEQUALSSHARE"/><emphasis>SECURITY = SHARE</emphasis></para>
    6060               
    61     <para>When clients connect to a share level security server they
     61    <para>When clients connect to a share level security server, they
    6262    need not log onto the server with a valid username and password before
    6363    attempting to connect to a shared resource (although modern clients
     
    212212
    213213        <note><para>From the client's point of
    214     view <command moreinfo="none">security = server</command> is the
     214    view, <command moreinfo="none">security = server</command> is the
    215215    same as <command moreinfo="none">security = user</command>.  It
    216216    only affects how the server deals  with the authentication, it does
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/serverschannel.xml

    r217 r221  
    1414
    1515    <para>
    16         Please note that with this set to <literal>no</literal> you will have to apply the WindowsXP
     16        Please note that with this set to <literal>no</literal>, you will have to apply the WindowsXP
    1717        <filename>WinXP_SignOrSeal.reg</filename> registry patch found in the docs/registry subdirectory of the Samba distribution tarball.
    1818        </para>
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/serversigning.xml

    r217 r221  
    66<description>
    77
    8     <para>This controls whether the server offers or requires
    9     the client it talks to to use SMB signing. Possible values
     8    <para>This controls whether the client is allowed or required to use SMB signing. Possible values
    109    are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
    1110    and <emphasis>disabled</emphasis>.
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/smbencrypt.xml

    r217 r221  
    1717    </para>
    1818
    19     <para>This controls whether the server offers or requires
    20     the client it talks to to use SMB encryption. Possible values
     19    <para>This controls whether the remote client is allowed or required to use SMB encryption. Possible values
    2120    are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
    2221    and <emphasis>disabled</emphasis>. This may be set on a per-share
  • branches/samba-3.3.x/docs-xml/smbdotconf/security/updateencrypted.xml

    r217 r221  
    1010        password in the smbpasswd file to be updated automatically as they log on. This option allows a site to
    1111        migrate from plaintext password authentication (users authenticate with plaintext password over the
    12         wire, and are checked against a UNIX account atabase) to encrypted password authentication (the SMB
     12        wire, and are checked against a UNIX account database) to encrypted password authentication (the SMB
    1313        challenge/response authentication mechanism) without forcing all users to re-enter their passwords via
    1414        smbpasswd at the time the change is made. This is a convenience option to allow the change over to encrypted
     
    2525
    2626    <para>
    27         Note that even when this parameter is set a user authenticating to <command moreinfo="none">smbd</command>
     27        Note that even when this parameter is set, a user authenticating to <command moreinfo="none">smbd</command>
    2828        must still enter a valid password in order to connect correctly, and to update their hashed (smbpasswd)
    2929        passwords.
Note: See TracChangeset for help on using the changeset viewer.