diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2004-04-07 10:15:11 +0000 |
|---|---|---|
| committer | Gerald W. Carter <jerry@samba.org> | 2008-04-23 08:45:43 -0500 |
| commit | 992f1e6b8f86b346fddd266b04d29cde69585633 (patch) | |
| tree | 878573999a6831aa14cd6b8072263eb5d5910aa4 /docs/smbdotconf/security/invalidusers.xml | |
| parent | 65c0fd59203a3d9c4cb685e3a739f29f6f0c4fd6 (diff) | |
| download | samba-992f1e6b8f86b346fddd266b04d29cde69585633.tar.gz samba-992f1e6b8f86b346fddd266b04d29cde69585633.tar.bz2 samba-992f1e6b8f86b346fddd266b04d29cde69585633.zip | |
Add all the source files from the old CVS tree,
add the 5 missing chapters from the HOWTO
and add jht's Samba by Example book.
(This used to be commit 9fb5bcb93e57c5162b3ee6f9c7d777dc0269d100)
Diffstat (limited to 'docs/smbdotconf/security/invalidusers.xml')
| -rw-r--r-- | docs/smbdotconf/security/invalidusers.xml | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/docs/smbdotconf/security/invalidusers.xml b/docs/smbdotconf/security/invalidusers.xml new file mode 100644 index 0000000000..71a45d1a9d --- /dev/null +++ b/docs/smbdotconf/security/invalidusers.xml @@ -0,0 +1,34 @@ +<samba:parameter name="invalid users" + context="S" + type="list" + xmlns:samba="http://samba.org/common"> +<description> + <para>This is a list of users that should not be allowed + to login to this service. This is really a <emphasis>paranoid</emphasis> + check to absolutely ensure an improper setting does not breach + your security.</para> + + <para>A name starting with a '@' is interpreted as an NIS + netgroup first (if your system supports NIS), and then as a UNIX + group if the name was not found in the NIS netgroup database.</para> + + <para>A name starting with '+' is interpreted only + by looking in the UNIX group database. A name starting with + '&' is interpreted only by looking in the NIS netgroup database + (this requires NIS to be working on your system). The characters + '+' and '&' may be used at the start of the name in either order + so the value <parameter moreinfo="none">+&group</parameter> means check the + UNIX group database, followed by the NIS netgroup database, and + the value <parameter moreinfo="none">&+group</parameter> means check the NIS + netgroup database, followed by the UNIX group database (the + same as the '@' prefix).</para> + + <para>The current servicename is substituted for <parameter moreinfo="none">%S</parameter>. + This is useful in the [homes] section.</para> +</description> + +<related>valid users</related> + +<value type="default"><comment>no invalid users</comment></value> +<value type="example">root fred admin @wheel</value> +</samba:parameter> |