diff options
author | Gerald Carter <jerry@samba.org> | 2003-09-09 02:58:53 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2003-09-09 02:58:53 +0000 |
commit | 99bde6889d3d8b7a9e950c86c30e82662e1dacdd (patch) | |
tree | bb7d34722e3b2b98ae7e36c11f4e7e4d4538b6fb /docs/docbook/smbdotconf | |
parent | a50367ee119d0acf1bcaaf93f8c6fcc8fa68c999 (diff) | |
download | samba-99bde6889d3d8b7a9e950c86c30e82662e1dacdd.tar.gz samba-99bde6889d3d8b7a9e950c86c30e82662e1dacdd.tar.bz2 samba-99bde6889d3d8b7a9e950c86c30e82662e1dacdd.zip |
syncing files from 3.0 into HEAD again
(This used to be commit bca0bba209255d0effbae6a3d3b6d298f0952c3a)
Diffstat (limited to 'docs/docbook/smbdotconf')
36 files changed, 303 insertions, 57 deletions
diff --git a/docs/docbook/smbdotconf/base/netbiosaliases.xml b/docs/docbook/smbdotconf/base/netbiosaliases.xml index a62fb8f7d6..ac8ffaf2b9 100644 --- a/docs/docbook/smbdotconf/base/netbiosaliases.xml +++ b/docs/docbook/smbdotconf/base/netbiosaliases.xml @@ -3,7 +3,7 @@ advanced="1" wizard="1" developer="1" xmlns:samba="http://samba.org/common"> <listitem> - <para>This is a list of NetBIOS names that <ulink url="nmbd.8.html">nmbd(8)</ulink> will + <para>This is a list of NetBIOS names that nmbd will advertise as additional names by which the Samba server is known. This allows one machine to appear in browse lists under multiple names. If a machine is acting as a browse server or logon server none of these names will be advertised as either browse server or logon diff --git a/docs/docbook/smbdotconf/domain/machinepasswordtimeout.xml b/docs/docbook/smbdotconf/domain/machinepasswordtimeout.xml index 06017fce59..7caf3058c9 100644 --- a/docs/docbook/smbdotconf/domain/machinepasswordtimeout.xml +++ b/docs/docbook/smbdotconf/domain/machinepasswordtimeout.xml @@ -5,8 +5,8 @@ <listitem> <para>If a Samba server is a member of a Windows NT Domain (see the <link linkend="SECURITYEQUALSDOMAIN">security = domain</link>) - parameter) then periodically a running <ulink url="smbd.8.html"> - smbd(8)</ulink> process will try and change the MACHINE ACCOUNT + parameter) then periodically a running smbd + process will try and change the MACHINE ACCOUNT PASSWORD stored in the TDB called <filename moreinfo="none">private/secrets.tdb </filename>. This parameter specifies how often this password will be changed, in seconds. The default is one week (expressed in diff --git a/docs/docbook/smbdotconf/filename/mangleprefix.xml b/docs/docbook/smbdotconf/filename/mangleprefix.xml index cbd41f973d..eff1f2b8fe 100644 --- a/docs/docbook/smbdotconf/filename/mangleprefix.xml +++ b/docs/docbook/smbdotconf/filename/mangleprefix.xml @@ -9,6 +9,10 @@ hash and therefore more name collisions. The minimum value is 1 and the maximum value is 6.</para> + <para> + mangle prefix is effective only when mangling method is hash2. + </para> + <para>Default: <command moreinfo="none">mangle prefix = 1</command></para> <para>Example: <command moreinfo="none">mangle prefix = 4</command></para> diff --git a/docs/docbook/smbdotconf/filename/manglingchar.xml b/docs/docbook/smbdotconf/filename/manglingchar.xml index 57c4fa2acd..de5f620fd9 100644 --- a/docs/docbook/smbdotconf/filename/manglingchar.xml +++ b/docs/docbook/smbdotconf/filename/manglingchar.xml @@ -5,7 +5,7 @@ <para>This controls what character is used as the <emphasis>magic</emphasis> character in <link linkend="NAMEMANGLINGSECT">name mangling</link>. The default is a '~' but this may interfere with some software. Use this option to set - it to whatever you prefer.</para> + it to whatever you prefer. This is effective only when mangling method is hash.</para> <para>Default: <command moreinfo="none">mangling char = ~</command></para> diff --git a/docs/docbook/smbdotconf/ldap/ldapgroupsuffix.xml b/docs/docbook/smbdotconf/ldap/ldapgroupsuffix.xml new file mode 100644 index 0000000000..5e6b9cc886 --- /dev/null +++ b/docs/docbook/smbdotconf/ldap/ldapgroupsuffix.xml @@ -0,0 +1,14 @@ +<samba:parameter name="ldap group suffix" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameters specifies the suffix that is + used for groups when these are added to the LDAP directory. + If this parameter is unset, the value of <parameter>ldap suffix</parameter> will be used instead.</para> + + <para>Default: <emphasis>none</emphasis></para> + + <para>Example: <emphasis>dc=samba,ou=Groups</emphasis></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapidmapsuffix.xml b/docs/docbook/smbdotconf/ldap/ldapidmapsuffix.xml new file mode 100644 index 0000000000..f826183c33 --- /dev/null +++ b/docs/docbook/smbdotconf/ldap/ldapidmapsuffix.xml @@ -0,0 +1,15 @@ +<samba:parameter name="ldap idmap suffix" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameters specifies the suffix that is + used when storing idmap mappings. If this parameter + is unset, the value of <parameter>ldap suffix</parameter> + will be used instead.</para> + + <para>Default: <emphasis>none</emphasis></para> + + <para>Example: <emphasis>dc=samba,ou=Idmap</emphasis></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml b/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml index 731fba3420..93d450b5e4 100644 --- a/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml +++ b/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml @@ -3,7 +3,8 @@ advanced="1" developer="1" xmlns:samba="http://samba.org/common"> <listitem> - <para>It specifies where users are added to the tree.</para> + <para>This parameter specifies where users are added to the tree. + If this parameter is not specified, the value from <command>ldap suffix</command>.</para> <para>Default: <emphasis>none</emphasis></para> </listitem> diff --git a/docs/docbook/smbdotconf/locking/lockspincount.xml b/docs/docbook/smbdotconf/locking/lockspincount.xml index d308f5d845..eb5862699a 100644 --- a/docs/docbook/smbdotconf/locking/lockspincount.xml +++ b/docs/docbook/smbdotconf/locking/lockspincount.xml @@ -12,6 +12,6 @@ and FoxPro. </para> - <para>Default: <command moreinfo="none">lock spin count = 2</command></para> + <para>Default: <command moreinfo="none">lock spin count = 3</command></para> </listitem> </samba:parameter> diff --git a/docs/docbook/smbdotconf/logon/adduserscript.xml b/docs/docbook/smbdotconf/logon/adduserscript.xml index 34d3e7ea58..42f7b04563 100644 --- a/docs/docbook/smbdotconf/logon/adduserscript.xml +++ b/docs/docbook/smbdotconf/logon/adduserscript.xml @@ -11,7 +11,7 @@ created for all users accessing files on this server. For sites that use Windows NT account databases as their primary user database creating these users and keeping the user list in sync with the - Windows NT PDC is an onerous task. This option allows <ulink url="smbd.8.html">smbd</ulink> to create the required UNIX users + Windows NT PDC is an onerous task. This option allows smbd to create the required UNIX users <emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.</para> <para>In order to use this option, <citerefentry><refentrytitle>smbd</refentrytitle> diff --git a/docs/docbook/smbdotconf/logon/logonscript.xml b/docs/docbook/smbdotconf/logon/logonscript.xml index 65b6253c0c..a1e8e0c03b 100644 --- a/docs/docbook/smbdotconf/logon/logonscript.xml +++ b/docs/docbook/smbdotconf/logon/logonscript.xml @@ -22,8 +22,8 @@ suggested command would be to add <command moreinfo="none">NET TIME \\SERVER /SET /YES</command>, to force every machine to synchronize clocks with the same time server. Another use would be to add <command moreinfo="none">NET USE - U: \\SERVER\UTILS</command> for commonly used utilities, or <command moreinfo="none"> - NET USE Q: \\SERVER\ISO9001_QA</command> for example.</para> + U: \\SERVER\UTILS</command> for commonly used utilities, or <screen> + <userinput>NET USE Q: \\SERVER\ISO9001_QA</userinput></screen> for example.</para> <para>Note that it is particularly important not to allow write access to the [netlogon] share, or to grant users write permission diff --git a/docs/docbook/smbdotconf/logon/shutdownscript.xml b/docs/docbook/smbdotconf/logon/shutdownscript.xml index 0eaffea747..8935714307 100644 --- a/docs/docbook/smbdotconf/logon/shutdownscript.xml +++ b/docs/docbook/smbdotconf/logon/shutdownscript.xml @@ -38,7 +38,7 @@ <para>Default: <emphasis>None</emphasis>.</para> - <para>Example: <command moreinfo="none">abort shutdown script = /usr/local/samba/sbin/shutdown %m %t %r %f</command></para> + <para>Example: <command moreinfo="none">shutdown script = /usr/local/samba/sbin/shutdown %m %t %r %f</command></para> <para>Shutdown script example: <programlisting format="linespecific"> diff --git a/docs/docbook/smbdotconf/misc/kernelchangenotify.xml b/docs/docbook/smbdotconf/misc/kernelchangenotify.xml new file mode 100644 index 0000000000..c6dc215b94 --- /dev/null +++ b/docs/docbook/smbdotconf/misc/kernelchangenotify.xml @@ -0,0 +1,17 @@ +<samba:parameter name="kernel change notify" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter specifies whether Samba should ask the + kernel for change notifications in directories so that + SMB clients can refresh whenever the data on the server changes. + </para> + + <para>This parameter is only usd when your kernel supports + change notification to user programs, using the F_NOTIFY fcntl. + </para> + + <para>Default: <emphasis>Yes</emphasis></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/misc/remoteannounce.xml b/docs/docbook/smbdotconf/misc/remoteannounce.xml index 019cc306a7..d03ea8b0e2 100644 --- a/docs/docbook/smbdotconf/misc/remoteannounce.xml +++ b/docs/docbook/smbdotconf/misc/remoteannounce.xml @@ -27,8 +27,7 @@ addresses of the remote networks, but can also be the IP addresses of known browse masters if your network config is that stable.</para> - <para>See the documentation file <ulink url="improved-browsing.html">BROWSING</ulink> - in the <filename moreinfo="none">docs/</filename> directory.</para> + <para>See <link linkend="NetworkBrowsing"/>.</para> <para>Default: <command moreinfo="none">remote announce = <empty string></command></para> </listitem> diff --git a/docs/docbook/smbdotconf/printing/os2drivermap.xml b/docs/docbook/smbdotconf/printing/os2drivermap.xml index 478031c7b9..ffaa58fe2a 100644 --- a/docs/docbook/smbdotconf/printing/os2drivermap.xml +++ b/docs/docbook/smbdotconf/printing/os2drivermap.xml @@ -14,9 +14,8 @@ LaserJet 5L</command>.</para> <para>The need for the file is due to the printer driver namespace - problem described in the <ulink url="printing.html">Samba - Printing HOWTO</ulink>. For more details on OS/2 clients, please - refer to the OS2-Client-HOWTO containing in the Samba documentation.</para> + problem described in <link linkiend="printing"/>. For more details on OS/2 clients, please + refer to <link linkend="Other-Clients"/>.</para> <para>Default: <command moreinfo="none">os2 driver map = <empty string></command></para> </listitem> diff --git a/docs/docbook/smbdotconf/protocol/clientusespnego.xml b/docs/docbook/smbdotconf/protocol/clientusespnego.xml index df25fbfb20..ce187a36fa 100644 --- a/docs/docbook/smbdotconf/protocol/clientusespnego.xml +++ b/docs/docbook/smbdotconf/protocol/clientusespnego.xml @@ -6,6 +6,9 @@ <para> This variable controls controls whether samba clients will try to use Simple and Protected NEGOciation (as specified by rfc2478) with WindowsXP and Windows2000 servers to agree upon an authentication mechanism. + SPNEGO client support for SMB Signing is currently broken, so + you might want to turn this option off when operating with + Windows 2003 domain controllers in particular. </para> <para>Default: <emphasis>client use spnego = yes</emphasis></para> diff --git a/docs/docbook/smbdotconf/protocol/nameresolveorder.xml b/docs/docbook/smbdotconf/protocol/nameresolveorder.xml index 4e88495489..45bc98843f 100644 --- a/docs/docbook/smbdotconf/protocol/nameresolveorder.xml +++ b/docs/docbook/smbdotconf/protocol/nameresolveorder.xml @@ -18,7 +18,7 @@ <para><constant>lmhosts</constant> : Lookup an IP address in the Samba lmhosts file. If the line in lmhosts has no name type attached to the NetBIOS name (see the <ulink - url="lmhosts.5.html">lmhosts(5)</ulink> for details) then + noescape="1" url="lmhosts.5.html">lmhosts(5)</ulink> for details) then any name type matches for lookup.</para> </listitem> diff --git a/docs/docbook/smbdotconf/protocol/profileacls.xml b/docs/docbook/smbdotconf/protocol/profileacls.xml index 6f2b3ec510..505f371809 100644 --- a/docs/docbook/smbdotconf/protocol/profileacls.xml +++ b/docs/docbook/smbdotconf/protocol/profileacls.xml @@ -10,7 +10,10 @@ Windows XP clients. New versions of Windows 2000 or Windows XP service packs do security ACL checking on the owner and ability to write of the profile directory stored on a local workstation when copied from a Samba - share. When not in domain mode with winbindd then the security info copied + share. +</para> + +<para>When not in domain mode with winbindd then the security info copied onto the local workstation has no meaning to the logged in user (SID) on that workstation so the profile storing fails. Adding this parameter onto a share used for profile storage changes two things about the @@ -19,15 +22,17 @@ BUILTIN\\Users respectively (SIDs S-1-5-32-544, S-1-5-32-545). Secondly it adds an ACE entry of "Full Control" to the SID BUILTIN\\Users to every returned ACL. This will allow any Windows 2000 or XP workstation - user to access the profile. Note that if you have multiple users logging + user to access the profile.</para> + + <para>Note that if you have multiple users logging on to a workstation then in order to prevent them from being able to access each others profiles you must remove the "Bypass traverse checking" advanced user right. This will prevent access to other users profile directories as the top level profile directory (named after the user) is created by the workstation profile code and has an ACL restricting entry to the directory tree to the owning user. - </para> - +</para> + <para>Default: <command moreinfo="none">profile acls = no</command></para> </listitem> </samba:parameter> diff --git a/docs/docbook/smbdotconf/protocol/unixextensions.xml b/docs/docbook/smbdotconf/protocol/unixextensions.xml index 2f68b9605e..e62ca1a2d4 100644 --- a/docs/docbook/smbdotconf/protocol/unixextensions.xml +++ b/docs/docbook/smbdotconf/protocol/unixextensions.xml @@ -10,6 +10,6 @@ These extensions require a similarly enabled client, and are of no current use to Windows clients.</para> - <para>Default: <command moreinfo="none">unix extensions = no</command></para> + <para>Default: <command moreinfo="none">unix extensions = yes</command></para> </listitem> </samba:parameter> diff --git a/docs/docbook/smbdotconf/security/allowtrusteddomains.xml b/docs/docbook/smbdotconf/security/allowtrusteddomains.xml index 63363d2607..8354f8b8da 100644 --- a/docs/docbook/smbdotconf/security/allowtrusteddomains.xml +++ b/docs/docbook/smbdotconf/security/allowtrusteddomains.xml @@ -7,7 +7,7 @@ <parameter moreinfo="none">security</parameter></link> option is set to <constant>server</constant> or <constant>domain</constant>. If it is set to no, then attempts to connect to a resource from - a domain or workgroup other than the one which <ulink url="smbd.8.html">smbd</ulink> is running + a domain or workgroup other than the one which smbd is running in will fail, even if that domain is trusted by the remote server doing the authentication.</para> diff --git a/docs/docbook/smbdotconf/security/clientntlmv2auth.xml b/docs/docbook/smbdotconf/security/clientntlmv2auth.xml index 0bf196488b..611ebcd094 100644 --- a/docs/docbook/smbdotconf/security/clientntlmv2auth.xml +++ b/docs/docbook/smbdotconf/security/clientntlmv2auth.xml @@ -13,6 +13,12 @@ (including NT4 < SP4, Win9x and Samba 2.2) are not compatible with NTLMv2. </para> + <para>Similarly, if enabled, NTLMv1, <command + moreinfo="none">client lanman auth</command> and <command + moreinfo="none">client plaintext auth</command> + authentication will be disabled. This also disables share-level + authentication. </para> + <para>If disabled, an NTLM response (and possibly a LANMAN response) will be sent by the client, depending on the value of <command moreinfo="none">client lanman auth</command>. </para> diff --git a/docs/docbook/smbdotconf/security/clientplaintextauth.xml b/docs/docbook/smbdotconf/security/clientplaintextauth.xml new file mode 100644 index 0000000000..ac90ef9fe5 --- /dev/null +++ b/docs/docbook/smbdotconf/security/clientplaintextauth.xml @@ -0,0 +1,12 @@ +<samba:parameter name="client plaintext auth" + context="G" + basic="1" advanced="1" wizard="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>Specifies whether a client should send a plaintext + password if the server does not support encrypted passwords.</para> + + <para>Default: <command moreinfo="none">client plaintext auth = yes</command></para> + +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/security/clientschannel.xml b/docs/docbook/smbdotconf/security/clientschannel.xml new file mode 100644 index 0000000000..f3ad682517 --- /dev/null +++ b/docs/docbook/smbdotconf/security/clientschannel.xml @@ -0,0 +1,19 @@ +<samba:parameter name="client schannel" + context="G" + basic="1" + xmlns:samba="http://samba.org/common"> +<listitem> + + <para>This controls whether the client offers or even + demands the use of the netlogon schannel. + <parameter>client schannel = no</parameter> does not + offer the schannel, <parameter>server schannel = + auto</parameter> offers the schannel but does not + enforce it, and <parameter>server schannel = + yes</parameter> denies access if the server is not + able to speak netlogon schannel. </para> + + <para>Default: <command>client schannel = auto</command></para> + <para>Example: <command>client schannel = yes</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/security/clientsigning.xml b/docs/docbook/smbdotconf/security/clientsigning.xml new file mode 100644 index 0000000000..e006dc71ab --- /dev/null +++ b/docs/docbook/smbdotconf/security/clientsigning.xml @@ -0,0 +1,19 @@ +<samba:parameter name="client signing" + context="G" + basic="1" + xmlns:samba="http://samba.org/common"> +<listitem> + + <para>This controls whether the client offers or requires + the server it talks to to use SMB signing. Possible values + are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> + and <emphasis>disabled</emphasis>. + </para> + + <para>When set to auto, SMB signing is offered, but not enforced. + When set to mandatory, SMB signing is required and if set + to disabled, SMB signing is not offered either.</para> + + <para>Default: <command>client signing = auto</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/security/passdbbackend.xml b/docs/docbook/smbdotconf/security/passdbbackend.xml index 1a3a83946a..8c64299dd4 100644 --- a/docs/docbook/smbdotconf/security/passdbbackend.xml +++ b/docs/docbook/smbdotconf/security/passdbbackend.xml @@ -55,22 +55,15 @@ details. </para></listitem> - <listitem> - <para><command moreinfo="none">guest</command> - - Very simple backend that only provides one user: the guest user. - Only maps the NT guest user to the <parameter>guest account</parameter>. - Required in pretty much all situations. - </para></listitem> - </itemizedlist> </para> <para>Default: <command moreinfo="none">passdb backend = smbpasswd</command></para> - <para>Example: <command moreinfo="none">passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd guest</command></para> + <para>Example: <command moreinfo="none">passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd</command></para> - <para>Example: <command moreinfo="none">passdb backend = ldapsam:ldaps://ldap.example.com guest</command></para> + <para>Example: <command moreinfo="none">passdb backend = ldapsam:ldaps://ldap.example.com</command></para> - <para>Example: <command moreinfo="none">passdb backend = mysql:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb guest</command></para> + <para>Example: <command moreinfo="none">passdb backend = mysql:my_plugin_args tdbsam</command></para> </listitem> </samba:parameter> diff --git a/docs/docbook/smbdotconf/security/passwdprogram.xml b/docs/docbook/smbdotconf/security/passwdprogram.xml index dbcc261ce4..db02670158 100644 --- a/docs/docbook/smbdotconf/security/passwdprogram.xml +++ b/docs/docbook/smbdotconf/security/passwdprogram.xml @@ -17,9 +17,8 @@ <para><emphasis>Note</emphasis> that if the <parameter moreinfo="none">unix password sync</parameter> parameter is set to <constant>yes </constant> then this program is called <emphasis>AS ROOT</emphasis> - before the SMB password in the <ulink url="smbpasswd.5.html"><citerefentry> - <refentrytitle>smbpasswd</refentrytitle><manvolnum>5</manvolnum></citerefentry> - </ulink> file is changed. If this UNIX password change fails, then + before the SMB password in the smbpasswd + file is changed. If this UNIX password change fails, then <command moreinfo="none">smbd</command> will fail to change the SMB password also (this is by design).</para> diff --git a/docs/docbook/smbdotconf/security/preloadmodules.xml b/docs/docbook/smbdotconf/security/preloadmodules.xml index 7b4e57cff1..101d9606fa 100644 --- a/docs/docbook/smbdotconf/security/preloadmodules.xml +++ b/docs/docbook/smbdotconf/security/preloadmodules.xml @@ -7,9 +7,6 @@ be loaded into smbd before a client connects. This improves the speed of smbd when reacting to new connections somewhat. </para> - <para>It is recommended to only use this option on heavy-performance - servers.</para> - <para>Default: <command>preload modules = </command></para> <para>Example: <command>preload modules = /usr/lib/samba/passdb/mysql.so+++ </command></para> diff --git a/docs/docbook/smbdotconf/security/serversigning.xml b/docs/docbook/smbdotconf/security/serversigning.xml new file mode 100644 index 0000000000..5108918d84 --- /dev/null +++ b/docs/docbook/smbdotconf/security/serversigning.xml @@ -0,0 +1,19 @@ +<samba:parameter name="server signing" + context="G" + basic="1" + xmlns:samba="http://samba.org/common"> +<listitem> + + <para>This controls whether the server offers or requires + the client it talks to to use SMB signing. Possible values + are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> + and <emphasis>disabled</emphasis>. + </para> + + <para>When set to auto, SMB signing is offered, but not enforced. + When set to mandatory, SMB signing is required and if set + to disabled, SMB signing is not offered either.</para> + + <para>Default: <command>client signing = False</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/tuning/deadtime.xml b/docs/docbook/smbdotconf/tuning/deadtime.xml index cbbf751862..938f354b9a 100644 --- a/docs/docbook/smbdotconf/tuning/deadtime.xml +++ b/docs/docbook/smbdotconf/tuning/deadtime.xml @@ -1,4 +1,4 @@ -<samba:parameter name="dead time" +<samba:parameter name="deadtime" context="G" developer="1" xmlns:samba="http://samba.org/common"> diff --git a/docs/docbook/smbdotconf/vfs/aclcompatibility.xml b/docs/docbook/smbdotconf/vfs/aclcompatibility.xml new file mode 100644 index 0000000000..ca3f39512d --- /dev/null +++ b/docs/docbook/smbdotconf/vfs/aclcompatibility.xml @@ -0,0 +1,17 @@ +<samba:parameter name="acl compatibility" + context="S" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter specifies what OS ACL semantics should + be compatible with. Possible values are <emphasis>winnt</emphasis> for Windows NT 4, + <emphasis>win2k</emphasis> for Windows 2000 and above and <emphasis>auto</emphasis>. + If you specify <emphasis>auto</emphasis>, the value for this parameter + will be based upon the version of the client. There should + be no reason to change this parameter from the default.</para> + + <para>Default: <command moreinfo="none">acl compatibility = Auto</command></para> + + <para>Example: <command moreinfo="none">acl compatibility = win2k</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/vfs/getquotacommand.xml b/docs/docbook/smbdotconf/vfs/getquotacommand.xml new file mode 100644 index 0000000000..93c9089519 --- /dev/null +++ b/docs/docbook/smbdotconf/vfs/getquotacommand.xml @@ -0,0 +1,52 @@ +<samba:parameter name="get quota command" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>The <command>get quota command</command> should only be used + whenever there is no operating system API available from the OS that + samba can use.</para> + + <para>This parameter should specify the path to a script that + queries the quota information for the specified + user/group for the partition that + the specified directory is on.</para> + + <para>Such a script should take 3 arguments:</para> + + <itemizedlist> + <listitem><para>directory</para></listitem> + <listitem><para>type of query</para></listitem> + <listitem><para>uid of user or gid of group</para></listitem> + </itemizedlist> + + <para>The type of query can be one of :</para> + + <itemizedlist> + <listitem><para>1 - user quotas</para></listitem> + <listitem><para>2 - user default quotas (uid = -1)</para></listitem> + <listitem><para>3 - group quotas</para></listitem> + <listitem><para>4 - group default quotas (gid = -1)</para></listitem> + </itemizedlist> + + <para>This script should print its output according to the following format:</para> + + <itemizedlist> + <listitem><para>Line 1 - quota flags (0 = no quotas, 1 = quotas enabled, 2 = quotas enabled and enforced)</para></listitem> + <listitem><para>Line 2 - number of currently used blocks</para></listitem> + <listitem><para>Line 3 - the softlimit number of blocks</para></listitem> + <listitem><para>Line 4 - the hardlimit number of blocks</para></listitem> + <listitem><para>Line 5 - currently used number of inodes</para></listitem> + <listitem><para>Line 6 - the softlimit number of inodes</para></listitem> + <listitem><para>Line 7 - the hardlimit number of inodes</para></listitem> + <listitem><para>Line 8(optional) - the number of bytes in a block(default is 1024)</para></listitem> + </itemizedlist> + + <para>See also the <link linkend="SETQUOTACOMMAND"><parameter moreinfo="none">set quota command</parameter></link> parameter. + </para> + + <para>Default: <command moreinfo="none">get quota command = </command></para> + + <para>Example: <command moreinfo="none">get quota command = /usr/local/sbin/query_quota</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/vfs/hostmsdfs.xml b/docs/docbook/smbdotconf/vfs/hostmsdfs.xml index c843969e50..d2b64cc68f 100644 --- a/docs/docbook/smbdotconf/vfs/hostmsdfs.xml +++ b/docs/docbook/smbdotconf/vfs/hostmsdfs.xml @@ -3,16 +3,14 @@ advanced="1" developer="1" xmlns:samba="http://samba.org/common"> <listitem> - <para>This boolean parameter is only available - if Samba has been configured and compiled with the <command moreinfo="none"> - --with-msdfs</command> option. If set to <constant>yes</constant>, - Samba will act as a Dfs server, and allow Dfs-aware clients - to browse Dfs trees hosted on the server.</para> + <para>If set to <constant>yes</constant>, Samba will act as a Dfs + server, and allow Dfs-aware clients to browse Dfs trees hosted + on the server.</para> <para>See also the <link linkend="MSDFSROOT"><parameter moreinfo="none"> msdfs root</parameter></link> share level parameter. For more information on setting up a Dfs tree on Samba, - refer to <ulink url="msdfs_setup.html">msdfs_setup.html</ulink>. + refer to <link linkend="msdfs"/>. </para> <para>Default: <command moreinfo="none">host msdfs = no</command></para> diff --git a/docs/docbook/smbdotconf/vfs/msdfsroot.xml b/docs/docbook/smbdotconf/vfs/msdfsroot.xml index 35142ff037..059ffff9a0 100644 --- a/docs/docbook/smbdotconf/vfs/msdfsroot.xml +++ b/docs/docbook/smbdotconf/vfs/msdfsroot.xml @@ -2,16 +2,14 @@ context="S" xmlns:samba="http://samba.org/common"> <listitem> - <para>This boolean parameter is only available if - Samba is configured and compiled with the <command moreinfo="none"> - --with-msdfs</command> option. If set to <constant>yes</constant>, - Samba treats the share as a Dfs root and allows clients to browse - the distributed file system tree rooted at the share directory. - Dfs links are specified in the share directory by symbolic - links of the form <filename moreinfo="none">msdfs:serverA\\shareA,serverB\\shareB</filename> - and so on. For more information on setting up a Dfs tree - on Samba, refer to <ulink url="msdfs.html">"Hosting a Microsoft - Distributed File System tree on Samba"</ulink> document.</para> + <para>If set to <constant>yes</constant>, Samba treats the + share as a Dfs root and allows clients to browse the + distributed file system tree rooted at the share directory. + Dfs links are specified in the share directory by symbolic + links of the form <filename + moreinfo="none">msdfs:serverA\\shareA,serverB\\shareB</filename> + and so on. For more information on setting up a Dfs tree on + Samba, refer to <link linkend="msdfs"/>.</para> <para>See also <link linkend="HOSTMSDFS"><parameter moreinfo="none">host msdfs</parameter></link></para> diff --git a/docs/docbook/smbdotconf/vfs/setquotacommand.xml b/docs/docbook/smbdotconf/vfs/setquotacommand.xml new file mode 100644 index 0000000000..b4b7303a0d --- /dev/null +++ b/docs/docbook/smbdotconf/vfs/setquotacommand.xml @@ -0,0 +1,42 @@ +<samba:parameter name="set quota command" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>The <command>set quota command</command> should only be used + whenever there is no operating system API available from the OS that + samba can use.</para> + + <para>This parameter should specify the path to a script that + can set quota for the specified arguments.</para> + + <para>The specified script should take the following arguments:</para> + + <itemizedlist> + <listitem><para>1 - quota type + <itemizedlist> + <listitem><para>1 - user quotas</para></listitem> + <listitem><para>2 - user default quotas (uid = -1)</para></listitem> + <listitem><para>3 - group quotas</para></listitem> + <listitem><para>4 - group default quotas (gid = -1)</para></listitem> + </itemizedlist> + </para></listitem> + <listitem><para>2 - id (uid for user, gid for group, -1 if N/A)</para></listitem> + <listitem><para>3 - quota state (0 = disable, 1 = enable, 2 = enable and enforce)</para></listitem> + <listitem><para>4 - block softlimit</para></listitem> + <listitem><para>5 - block hardlimit</para></listitem> + <listitem><para>6 - inode softlimit</para></listitem> + <listitem><para>7 - inode hardlimit</para></listitem> + <listitem><para>8(optional) - block size, defaults to 1024</para></listitem> + </itemizedlist> + + <para>The script should output at least one line of data.</para> + + <para>See also the <link linkend="GETQUOTACOMMAND"><parameter moreinfo="none">get quota command</parameter></link> parameter. + </para> + + <para>Default: <command moreinfo="none">set quota command = </command></para> + + <para>Example: <command moreinfo="none">set quota command = /usr/local/sbin/set_quota</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/winbind/idmapbackend.xml b/docs/docbook/smbdotconf/winbind/idmapbackend.xml new file mode 100644 index 0000000000..bc725b589f --- /dev/null +++ b/docs/docbook/smbdotconf/winbind/idmapbackend.xml @@ -0,0 +1,18 @@ +<samba:parameter name="idmap backend" + context="G" + advanced="1" developer="1" hide="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para> + The purpose of the idmap backend parameter is to allow idmap to NOT use the local idmap + tdb file to obtain SID to UID / GID mappings, but instead to obtain them from a common + LDAP backend. This way all domain members and controllers will have the same UID and GID + to SID mappings. This avoids the risk of UID / GID inconsistencies across UNIX / Linux + systems that are sharing information over protocols other than SMB/CIFS (ie: NFS). + </para> + + <para>Default: <command moreinfo="none">idmap backend = <empty string></command></para> + + <para>Example: <command moreinfo="none">idmap backend = ldap:ldap://ldapslave.example.com</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/winbind/winbindcachetime.xml b/docs/docbook/smbdotconf/winbind/winbindcachetime.xml index 3080adc7c8..cd063f8daa 100644 --- a/docs/docbook/smbdotconf/winbind/winbindcachetime.xml +++ b/docs/docbook/smbdotconf/winbind/winbindcachetime.xml @@ -9,6 +9,6 @@ user and group information before querying a Windows NT server again.</para> - <para>Default: <command moreinfo="none">winbind cache type = 15</command></para> + <para>Default: <command moreinfo="none">winbind cache type = 300</command></para> </listitem> </samba:parameter> diff --git a/docs/docbook/smbdotconf/wins/winsserver.xml b/docs/docbook/smbdotconf/wins/winsserver.xml index 12ee635acd..577a130ff1 100644 --- a/docs/docbook/smbdotconf/wins/winsserver.xml +++ b/docs/docbook/smbdotconf/wins/winsserver.xml @@ -21,7 +21,7 @@ to a WINS server if you have multiple subnets and wish cross-subnet browsing to work correctly.</para></note> - <para>See the documentation file <ulink url="improved-browsing.html">Browsing</ulink> in the samba howto collection.</para> + <para>See the <link linkend="NetworkBrowsing"/>.</para> <para>Default: <emphasis>not enabled</emphasis></para> |