diff options
| author | Gerald Carter <jerry@samba.org> | 2001-04-24 19:09:42 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2001-04-24 19:09:42 +0000 |
| commit | c8af938a0a7ec15c38076fc11d164f55737318f1 (patch) | |
| tree | 20b734a400bfc37cbd7d648d0905e07a832e255d /docs/htmldocs/smbpasswd.5.html | |
| parent | 55d0bdbf4a656fe457d180940ad0e700375ffc15 (diff) | |
| download | samba-c8af938a0a7ec15c38076fc11d164f55737318f1.tar.gz samba-c8af938a0a7ec15c38076fc11d164f55737318f1.tar.bz2 samba-c8af938a0a7ec15c38076fc11d164f55737318f1.zip | |
syncing up changes in 2.2
(This used to be commit ffbbe67dbfde7f7ce4bb70becfc696c395dbf6b2)
Diffstat (limited to 'docs/htmldocs/smbpasswd.5.html')
| -rw-r--r-- | docs/htmldocs/smbpasswd.5.html | 50 |
1 files changed, 20 insertions, 30 deletions
diff --git a/docs/htmldocs/smbpasswd.5.html b/docs/htmldocs/smbpasswd.5.html index 4ec7b7c86a..7de54f6309 100644 --- a/docs/htmldocs/smbpasswd.5.html +++ b/docs/htmldocs/smbpasswd.5.html @@ -118,20 +118,17 @@ CLASS="CONSTANT" > and the user will not be able to log onto the Samba server. </P ><P -><I -CLASS="EMPHASIS" ->WARNING !!</I +><EM +>WARNING !!</EM > Note that, due to the challenge-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this password hash will be able to impersonate the user on the network. For this - reason these hashes are known as <I -CLASS="EMPHASIS" + reason these hashes are known as <EM >plain text - equivalents</I -> and must <I -CLASS="EMPHASIS" ->NOT</I + equivalents</EM +> and must <EM +>NOT</EM > be made available to anyone but the root user. To protect these passwords the smbpasswd file is placed in a directory with read and @@ -156,20 +153,17 @@ CLASS="EMPHASIS" password this entry will be identical (i.e. the password is not "salted" as the UNIX password is). </P ><P -><I -CLASS="EMPHASIS" ->WARNING !!</I +><EM +>WARNING !!</EM >. Note that, due to the challenge-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this password hash will be able to impersonate the user on the network. For this - reason these hashes are known as <I -CLASS="EMPHASIS" + reason these hashes are known as <EM >plain text - equivalents</I -> and must <I -CLASS="EMPHASIS" ->NOT</I + equivalents</EM +> and must <EM +>NOT</EM > be made available to anyone but the root user. To protect these passwords the smbpasswd file is placed in a directory with read and @@ -192,9 +186,8 @@ CLASS="EMPHASIS" ><UL ><LI ><P -><I -CLASS="EMPHASIS" ->U</I +><EM +>U</EM > - This means this is a "User" account, i.e. an ordinary user. Only User and Workstation Trust accounts are currently supported @@ -202,9 +195,8 @@ CLASS="EMPHASIS" ></LI ><LI ><P -><I -CLASS="EMPHASIS" ->N</I +><EM +>N</EM > - This means the account has no password (the passwords in the fields Lanman Password Hash and NT Password Hash are ignored). Note that this @@ -225,18 +217,16 @@ CLASS="FILENAME" ></LI ><LI ><P -><I -CLASS="EMPHASIS" ->D</I +><EM +>D</EM > - This means the account is disabled and no SMB/CIFS logins will be allowed for this user. </P ></LI ><LI ><P -><I -CLASS="EMPHASIS" ->W</I +><EM +>W</EM > - This means this account is a "Workstation Trust" account. This kind of account is used in the Samba PDC code stream to allow Windows NT Workstations |