diff options
| author | Gerald W. Carter <jerry@samba.org> | 2008-04-22 10:09:40 -0500 |
|---|---|---|
| committer | Gerald W. Carter <jerry@samba.org> | 2008-04-23 08:47:48 -0500 |
| commit | 8f8a9f01909ba29e2b781310baeeaaddc3f15f0d (patch) | |
| tree | 90c6b720ad3a7bc815245c0ef28820424f89d658 /docs-xml/smbdotconf/security/passwordlevel.xml | |
| parent | 197238246389c40edc60c6630d18d6913086e630 (diff) | |
| download | samba-8f8a9f01909ba29e2b781310baeeaaddc3f15f0d.tar.gz samba-8f8a9f01909ba29e2b781310baeeaaddc3f15f0d.tar.bz2 samba-8f8a9f01909ba29e2b781310baeeaaddc3f15f0d.zip | |
Moving docs tree to docs-xml to make room for generated docs in the release tarball.
(This used to be commit 9f672c26d63955f613088489c6efbdc08b5b2d14)
Diffstat (limited to 'docs-xml/smbdotconf/security/passwordlevel.xml')
| -rw-r--r-- | docs-xml/smbdotconf/security/passwordlevel.xml | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/passwordlevel.xml b/docs-xml/smbdotconf/security/passwordlevel.xml new file mode 100644 index 0000000000..1da11e406b --- /dev/null +++ b/docs-xml/smbdotconf/security/passwordlevel.xml @@ -0,0 +1,48 @@ +<samba:parameter name="password level" + context="G" + type="integer" + advanced="1" developer="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>Some client/server combinations have difficulty + with mixed-case passwords. One offending client is Windows for + Workgroups, which for some reason forces passwords to upper + case when using the LANMAN1 protocol, but leaves them alone when + using COREPLUS! Another problem child is the Windows 95/98 + family of operating systems. These clients upper case clear + text passwords even when NT LM 0.12 selected by the protocol + negotiation request/response.</para> + + <para>This parameter defines the maximum number of characters + that may be upper case in passwords.</para> + + <para>For example, say the password given was "FRED". If <parameter moreinfo="none"> + password level</parameter> is set to 1, the following combinations + would be tried if "FRED" failed:</para> + + <para>"Fred", "fred", "fRed", "frEd","freD"</para> + + <para>If <parameter moreinfo="none">password level</parameter> was set to 2, + the following combinations would also be tried: </para> + + <para>"FRed", "FrEd", "FreD", "fREd", "fReD", "frED", ..</para> + + <para>And so on.</para> + + <para>The higher value this parameter is set to the more likely + it is that a mixed case password will be matched against a single + case password. However, you should be aware that use of this + parameter reduces security and increases the time taken to + process a new connection.</para> + + <para>A value of zero will cause only two attempts to be + made - the password as is and the password in all-lower case.</para> + + <para>This parameter is used only when using plain-text passwords. It is + not at all used when encrypted passwords as in use (that is the default + since samba-3.0.0). Use this only when <smbconfoption name="encrypt passwords">No</smbconfoption>.</para> +</description> + +<value type="default">0</value> +<value type="example">4</value> +</samba:parameter> |