diff options
| author | Gerald W. Carter <jerry@samba.org> | 2008-04-22 10:09:40 -0500 |
|---|---|---|
| committer | Gerald W. Carter <jerry@samba.org> | 2008-04-23 08:47:48 -0500 |
| commit | 8f8a9f01909ba29e2b781310baeeaaddc3f15f0d (patch) | |
| tree | 90c6b720ad3a7bc815245c0ef28820424f89d658 /docs-xml/smbdotconf/security/updateencrypted.xml | |
| parent | 197238246389c40edc60c6630d18d6913086e630 (diff) | |
| download | samba-8f8a9f01909ba29e2b781310baeeaaddc3f15f0d.tar.gz samba-8f8a9f01909ba29e2b781310baeeaaddc3f15f0d.tar.bz2 samba-8f8a9f01909ba29e2b781310baeeaaddc3f15f0d.zip | |
Moving docs tree to docs-xml to make room for generated docs in the release tarball.
(This used to be commit 9f672c26d63955f613088489c6efbdc08b5b2d14)
Diffstat (limited to 'docs-xml/smbdotconf/security/updateencrypted.xml')
| -rw-r--r-- | docs-xml/smbdotconf/security/updateencrypted.xml | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/updateencrypted.xml b/docs-xml/smbdotconf/security/updateencrypted.xml new file mode 100644 index 0000000000..da493665cf --- /dev/null +++ b/docs-xml/smbdotconf/security/updateencrypted.xml @@ -0,0 +1,34 @@ +<samba:parameter name="update encrypted" + context="G" + type="boolean" + basic="1" advanced="1" developer="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + + <para> + This boolean parameter allows a user logging on with a plaintext password to have their encrypted (hashed) + password in the smbpasswd file to be updated automatically as they log on. This option allows a site to + migrate from plaintext password authentication (users authenticate with plaintext password over the + wire, and are checked against a UNIX account atabase) to encrypted password authentication (the SMB + challenge/response authentication mechanism) without forcing all users to re-enter their passwords via + smbpasswd at the time the change is made. This is a convenience option to allow the change over to encrypted + passwords to be made over a longer period. Once all users have encrypted representations of their passwords + in the smbpasswd file this parameter should be set to <constant>no</constant>. + </para> + + <para> + In order for this parameter to be operative the <smbconfoption name="encrypt passwords"/> parameter must + be set to <constant>no</constant>. The default value of <smbconfoption name="encrypt + passwords">Yes</smbconfoption>. Note: This must be set to <constant>no</constant> for this <smbconfoption + name="update encrypted"/> to work. + </para> + + <para> + Note that even when this parameter is set a user authenticating to <command moreinfo="none">smbd</command> + must still enter a valid password in order to connect correctly, and to update their hashed (smbpasswd) + passwords. + </para> +</description> + +<value type="default">no</value> +</samba:parameter> |