Ignore:
Timestamp:
May 24, 2009, 7:17:10 AM (16 years ago)
Author:
Herwig Bauernfeind
Message:

Update Samba 3.3 to 3.3.1

Location:
branches/samba-3.3.x/docs-xml/smbdotconf
Files:
19 edited

Legend:

Unmodified
Added
Removed

  • branches/samba-3.3.x/docs-xml/smbdotconf/browse/enhancedbrowsing.xml

    r217 r221  
    1818        <para>You may wish to disable this option if you have a problem with empty
    1919        workgroups not disappearing from browse lists. Due to the restrictions
    20         of the browse protocols these enhancements can cause a empty workgroup
     20        of the browse protocols, these enhancements can cause a empty workgroup
    2121        to stay around forever which can be annoying.</para>
    2222

  • branches/samba-3.3.x/docs-xml/smbdotconf/ldap/ldapssl.xml

    r217 r221  
    1414
    1515        <para>LDAP connections should be secured where possible. This may be
    16         done setting either this parameter to
     16        done setting <emphasis>either</emphasis> this parameter to
    1717        <parameter moreinfo="none">Start_tls</parameter>
    18         or by specifying <parameter moreinfo="none">ldaps://</parameter> in
     18        <emphasis>or</emphasis> by specifying <parameter moreinfo="none">ldaps://</parameter> in
    1919        the URL argument of <smbconfoption name="passdb backend"/>.</para>
    2020
     
    3333                </listitem>
    3434        </itemizedlist>
     35        <para>
     36        Please note that this parameter does only affect <emphasis>rpc</emphasis>
     37        methods. To enable the LDAPv3 StartTLS extended operation (RFC2830) for
     38        <emphasis>ads</emphasis>, set
     39        <smbconfoption name="ldap ssl">yes</smbconfoption>
     40        <emphasis>and</emphasis>
     41        <smbconfoption name="ldap ssl ads">yes</smbconfoption>.
     42        See <refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum>
     43        for more information on <smbconfoption name="ldap ssl ads"/>.
     44        </para>
     45
    3546</description>
    3647<value type="default">start tls</value>

  • branches/samba-3.3.x/docs-xml/smbdotconf/locking/strictlocking.xml

    r217 r221  
    1313        When strict locking is set to Auto (the default), the server performs file lock checks only on non-oplocked files.
    1414        As most Windows redirectors perform file locking checks locally on oplocked files this is a good trade off for
    15         inproved performance.
     15        improved performance.
    1616        </para>
    1717

  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/remoteannounce.xml

    r217 r221  
    77        <para>
    88        This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
    9         <manvolnum>8</manvolnum></citerefentry>to periodically announce itself
     9        <manvolnum>8</manvolnum></citerefentry> to periodically announce itself
    1010        to arbitrary IP addresses with an arbitrary workgroup name.
    1111        </para>
     
    2424        the above line would cause <command moreinfo="none">nmbd</command> to announce itself
    2525        to the two given IP addresses using the given workgroup names. If you leave out the
    26         workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter
     26        workgroup name, then the one given in the <smbconfoption name="workgroup"/> parameter
    2727        is used instead.
    2828        </para>

  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/usershareallowguests.xml

    r217 r221  
    99        of allowing people who can create a share the option of setting
    1010        <parameter moreinfo="none">guest ok = yes</parameter> in a share
    11         definition. Due to the security sensitive nature of this the default
     11        definition. Due to its security sensitive nature, the default
    1212        is set to off.</para>
    1313

  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml

    r217 r221  
    77        <para>This parameter specifies a list of absolute pathnames
    88        the root of which are allowed to be exported by user defined share definitions.
    9         If the pathname exported doesn't start with one of the strings in this
    10         list the user defined share will not be allowed. This allows the Samba
     9        If the pathname to be exported doesn't start with one of the strings in this
     10        list, the user defined share will not be allowed. This allows the Samba
    1111        administrator to restrict the directories on the system that can be
    1212        exported by user defined shares.

  • branches/samba-3.3.x/docs-xml/smbdotconf/misc/usersharetemplateshare.xml

    r217 r221  
    66<description>
    77        <para>User defined shares only have limited possible parameters
    8         such as path, guest ok etc. This parameter allows usershares to
     8        such as path, guest ok, etc. This parameter allows usershares to
    99        "cloned" from an existing share. If "usershare template share"
    1010        is set to the name of an existing share, then all usershares

  • branches/samba-3.3.x/docs-xml/smbdotconf/printing/useclientdriver.xml

    r217 r221  
    3030    to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped
    3131    to PRINTER_ACCESS_USE instead.  Thus allowing the OpenPrinterEx()
    32     call to succeed.  <emphasis>This parameter MUST not be able enabled
     32    call to succeed.  <emphasis>This parameter MUST not be enabled
    3333    on a print share which has valid print driver installed on the Samba
    3434        server.</emphasis></para>

  • branches/samba-3.3.x/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml

    r217 r221  
    2222    discovered at close time, which is too late for the Windows user tools to display an error message
    2323    to the user. The symptom of this is files that appear to have been deleted "magically" re-appearing
    24     on a Windows explorer refersh. This is an extremely advanced protocol option which should not
     24    on a Windows explorer refresh. This is an extremely advanced protocol option which should not
    2525    need to be changed. This parameter was introduced in its final form in 3.0.21, an earlier version
    2626    with slightly different semantics was introduced in 3.0.20. That older version is not documented here.

  • branches/samba-3.3.x/docs-xml/smbdotconf/protocol/enableasusupport.xml

    r217 r221  
    66<description>
    77    <para>Hosts running the "Advanced Server for Unix (ASU)" product
    8     require some special accomodations such as creating a builting [ADMIN$]
     8    require some special accomodations such as creating a builtin [ADMIN$]
    99    share that only supports IPC connections.  The has been the default
    1010    behavior in smbd for many years.  However, certain Microsoft applications

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/clientlanmanauth.xml

    r217 r221  
    1212    Windows 95/98) will be able to be connected from the Samba client.</para>
    1313
    14     <para>The LANMAN encrypted response is easily broken, due to it's
     14    <para>The LANMAN encrypted response is easily broken, due to its
    1515    case-insensitive nature, and the choice of algorithm.  Clients
    1616    without Windows 95/98 servers are advised to disable

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/clientsigning.xml

    r217 r221  
    55                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
    66<description>
    7     <para>This controls whether the client offers or requires
    8     the server it talks to to use SMB signing. Possible values
     7    <para>This controls whether the client is allowed or required to use SMB signing. Possible values
    98    are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
    109    and <emphasis>disabled</emphasis>.

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/lanmanauth.xml

    r217 r221  
    1313    connect to the Samba host.</para>
    1414
    15     <para>The LANMAN encrypted response is easily broken, due to it's
     15    <para>The LANMAN encrypted response is easily broken, due to its
    1616    case-insensitive nature, and the choice of algorithm.  Servers
    1717    without Windows 95/98/ME or MS DOS clients are advised to disable

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/passwordserver.xml

    r217 r221  
    88    or Active Directory domain controller with this option,
    99    and using <command moreinfo="none">security = [ads|domain|server]</command>
    10     it is possible to get Samba to
     10    it is possible to get Samba
    1111    to do all its username/password validation using a specific remote server.</para>
    1212

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/security.xml

    r217 r221  
    4848    is commonly used for a shared printer server. It is more difficult
    4949    to setup guest shares with <command moreinfo="none">security = user</command>, see
    50     the <smbconfoption name="map to guest"/>parameter for details.</para>
     50    the <smbconfoption name="map to guest"/> parameter for details.</para>
    5151               
    5252    <para>It is possible to use <command moreinfo="none">smbd</command> in a <emphasis>
     
    5959    <para><anchor id="SECURITYEQUALSSHARE"/><emphasis>SECURITY = SHARE</emphasis></para>
    6060               
    61     <para>When clients connect to a share level security server they
     61    <para>When clients connect to a share level security server, they
    6262    need not log onto the server with a valid username and password before
    6363    attempting to connect to a shared resource (although modern clients
     
    212212
    213213        <note><para>From the client's point of
    214     view <command moreinfo="none">security = server</command> is the
     214    view, <command moreinfo="none">security = server</command> is the
    215215    same as <command moreinfo="none">security = user</command>.  It
    216216    only affects how the server deals  with the authentication, it does

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/serverschannel.xml

    r217 r221  
    1414
    1515    <para>
    16         Please note that with this set to <literal>no</literal> you will have to apply the WindowsXP
     16        Please note that with this set to <literal>no</literal>, you will have to apply the WindowsXP
    1717        <filename>WinXP_SignOrSeal.reg</filename> registry patch found in the docs/registry subdirectory of the Samba distribution tarball.
    1818        </para>

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/serversigning.xml

    r217 r221  
    66<description>
    77
    8     <para>This controls whether the server offers or requires
    9     the client it talks to to use SMB signing. Possible values
     8    <para>This controls whether the client is allowed or required to use SMB signing. Possible values
    109    are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
    1110    and <emphasis>disabled</emphasis>.

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/smbencrypt.xml

    r217 r221  
    1717    </para>
    1818
    19     <para>This controls whether the server offers or requires
    20     the client it talks to to use SMB encryption. Possible values
     19    <para>This controls whether the remote client is allowed or required to use SMB encryption. Possible values
    2120    are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
    2221    and <emphasis>disabled</emphasis>. This may be set on a per-share

  • branches/samba-3.3.x/docs-xml/smbdotconf/security/updateencrypted.xml

    r217 r221  
    1010        password in the smbpasswd file to be updated automatically as they log on. This option allows a site to
    1111        migrate from plaintext password authentication (users authenticate with plaintext password over the
    12         wire, and are checked against a UNIX account atabase) to encrypted password authentication (the SMB
     12        wire, and are checked against a UNIX account database) to encrypted password authentication (the SMB
    1313        challenge/response authentication mechanism) without forcing all users to re-enter their passwords via
    1414        smbpasswd at the time the change is made. This is a convenience option to allow the change over to encrypted
     
    2525
    2626    <para>
    27         Note that even when this parameter is set a user authenticating to <command moreinfo="none">smbd</command>
     27        Note that even when this parameter is set, a user authenticating to <command moreinfo="none">smbd</command>
    2828        must still enter a valid password in order to connect correctly, and to update their hashed (smbpasswd)
    2929        passwords.
Note: See TracChangeset for help on using the changeset viewer.