Add new framework for smb.conf(5). Please read README before trying to compile.

I will commit more meta-information updates during week-end.
(This used to be commit 8d684dffab6a90b3d612a1aa2b2c457a2bc2e6ac)

1 files changed, 15 insertions, 0 deletions

diff --git a/docs/docbook/smbdotconf/security/obeypamrestrictions.xml b/docs/docbook/smbdotconf/security/obeypamrestrictions.xml
new file mode 100644
index 0000000000..92a6bce22d
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/obeypamrestrictions.xml
@@ -0,0 +1,15 @@
+<samba:parameter xmlns:samba="http://samba.org/common">
+		<term><anchor id="OBEYPAMRESTRICTIONS"/>obey pam restrictions (G)</term>
+		<listitem><para>When Samba 2.2 is configured to enable PAM support
+		(i.e. --with-pam), this parameter will control whether or not Samba
+		should obey PAM's account and session management directives.  The 
+		default behavior is to use PAM for clear text authentication only
+		and to ignore any account or session management.  Note that Samba
+		always ignores PAM for authentication in the case of <link linkend="ENCRYPTPASSWORDS"><parameter moreinfo="none">encrypt passwords = yes</parameter>
+		</link>.  The reason is that PAM modules cannot support the challenge/response
+		authentication mechanism needed in the presence of SMB password encryption.
+		</para>
+
+		<para>Default: <command moreinfo="none">obey pam restrictions = no</command></para>
+		</listitem>
+		</samba:parameter>