summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/docbook/manpages/pdbedit.8.sgml3
-rw-r--r--docs/docbook/manpages/smb.conf.5.sgml19
-rw-r--r--docs/docbook/manpages/testparm.1.sgml1
-rw-r--r--docs/htmldocs/pdbedit.8.html88
-rw-r--r--docs/htmldocs/smb.conf.5.html1104
-rw-r--r--docs/htmldocs/smbd.8.html100
-rw-r--r--docs/htmldocs/smbpasswd.8.html67
-rw-r--r--docs/htmldocs/smbsh.1.html37
-rw-r--r--docs/htmldocs/testparm.1.html43
-rw-r--r--docs/htmldocs/vfstest.1.html35
-rw-r--r--docs/manpages/pdbedit.82
-rw-r--r--docs/manpages/smb.conf.567
-rw-r--r--docs/manpages/smbd.826
-rw-r--r--docs/manpages/smbpasswd.815
-rw-r--r--docs/manpages/smbsh.14
-rw-r--r--docs/manpages/testparm.19
-rw-r--r--docs/manpages/vfstest.14
17 files changed, 576 insertions, 1048 deletions
diff --git a/docs/docbook/manpages/pdbedit.8.sgml b/docs/docbook/manpages/pdbedit.8.sgml
index ed49b9f540..1484bfec9a 100644
--- a/docs/docbook/manpages/pdbedit.8.sgml
+++ b/docs/docbook/manpages/pdbedit.8.sgml
@@ -278,7 +278,7 @@
<listitem><para>Display an account policy</para>
<para>Valid policies are: minimum password age, reset count minutes, disconnect time,
user must logon to change password, password history, lockout duration, min password length,
- maximum password age and bad lockout attempt.
+ maximum password age and bad lockout attempt.</para>
<para>Example: <command>pdbedit -P "bad lockout attempt"</command></para>
<para><programlisting>
@@ -293,6 +293,7 @@
<listitem><para>Sets an account policy to a specified value.
This option may only be used in conjunction
with the <parameter>-P</parameter> option.
+ </para>
<para>Example: <command>pdbedit -P "bad lockout attempt" -V 3</command></para>
<para><programlisting>
diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml
index 6ed870ed3e..13fdb1c6cb 100644
--- a/docs/docbook/manpages/smb.conf.5.sgml
+++ b/docs/docbook/manpages/smb.conf.5.sgml
@@ -5377,10 +5377,11 @@
<listitem><para><command>ldapsam_nua</command> - The LDAP based passdb
backend, with non unix account support. Takes an LDAP URL as an optional argument (defaults to
<command>ldap://localhost</command>)</para>
- <para>Note: In this module, any account
- without a matching POSIX account is regarded
- as 'non unix'.
- <para>See also <link linkend="NONUNIXACCOUNTRANGE">
+
+ <para>Note: In this module, any account without a matching POSIX account is regarded
+ as 'non unix'. </para>
+
+ <para>See also <link linkend="NONUNIXACCOUNTRANGE">
<parameter>non unix account
range</parameter></link></para>
@@ -5650,6 +5651,12 @@
doing a query for the name <constant>WORKGROUP&lt;1C&gt;</constant>
and then contacting each server returned in the list of IP
addresses from the name resolution source. </para>
+
+ <para>If the list of servers contains both names and the '*'
+ character, the list is treated as a list of preferred
+ domain controllers, but an auto lookup of all remaining DC's
+ will be added to the list as well. Samba will not attempt to optimize
+ this list by locating the closest DC.</para>
<para>If the <parameter>security</parameter> parameter is
set to <constant>server</constant>, then there are different
@@ -5677,7 +5684,7 @@
<para>Default: <command>password server = &lt;empty string&gt;</command>
</para>
- <para>Example: <command>password server = NT-PDC, NT-BDC1, NT-BDC2
+ <para>Example: <command>password server = NT-PDC, NT-BDC1, NT-BDC2, *
</command></para>
<para>Example: <command>password server = *</command></para>
</listitem>
@@ -6547,7 +6554,7 @@
<listitem><para>This is a integer parameter, and
mirrors as much as possible the functinality the
<constant>RestrictAnonymous</constant>
- registry key does on NT/Win2k.
+ registry key does on NT/Win2k. </para>
<para>Default: <command>restrict anonymous = 0</command></para>
</listitem>
diff --git a/docs/docbook/manpages/testparm.1.sgml b/docs/docbook/manpages/testparm.1.sgml
index 254ede7265..f34528a43d 100644
--- a/docs/docbook/manpages/testparm.1.sgml
+++ b/docs/docbook/manpages/testparm.1.sgml
@@ -92,6 +92,7 @@
<listitem><para>
Output data in specified encoding.
</para></listitem>
+ </varlistentry>
<varlistentry>
<term>configfilename</term>
diff --git a/docs/htmldocs/pdbedit.8.html b/docs/htmldocs/pdbedit.8.html
index 7adae978b8..e3cf1e4fba 100644
--- a/docs/htmldocs/pdbedit.8.html
+++ b/docs/htmldocs/pdbedit.8.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>pdbedit</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="PDBEDIT"
-></A
->pdbedit</H1
+NAME="PDBEDIT">pdbedit</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -29,15 +28,13 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>pdbedit</B
-> [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-d debuglevel] [-s configfile] [-P account-policy] [-V value]</P
+> [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-d debuglevel] [-s configfile] [-P account-policy] [-V value]</P
></DIV
><DIV
CLASS="REFSECT1"
@@ -91,11 +88,20 @@ CLASS="COMMAND"
>pdbedit -l</B
></P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> sorce:500:Simo Sorce
samba:45:Test User
</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -111,6 +117,12 @@ CLASS="COMMAND"
>pdbedit -l -v</B
></P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> ---------------
@@ -132,6 +144,9 @@ CLASS="PROGRAMLISTING"
Logon Script:
Profile Path: \\BERSERKER\profile
</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -158,11 +173,20 @@ CLASS="COMMAND"
>pdbedit -l -w</B
></P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-00000000:
samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-3BFA1E8D:
</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -171,19 +195,13 @@ CLASS="PROGRAMLISTING"
><P
>This option specifies the username to be
used for the operation requested (listing, adding, removing).
- It is <SPAN
-CLASS="emphasis"
-><I
+ It is <I
CLASS="EMPHASIS"
>required</I
-></SPAN
> in add, remove and modify
- operations and <SPAN
-CLASS="emphasis"
-><I
+ operations and <I
CLASS="EMPHASIS"
>optional</I
-></SPAN
> in list
operations.</P
></DD
@@ -269,10 +287,19 @@ CLASS="COMMAND"
CLASS="COMMAND"
>pdbedit -a -u sorce</B
>
- <PRE
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
>new password:
retype new password</PRE
+></TD
+></TR
+></TABLE
>
</P
></DD
@@ -360,19 +387,26 @@ CLASS="COMMAND"
><P
>Valid policies are: minimum password age, reset count minutes, disconnect time,
user must logon to change password, password history, lockout duration, min password length,
- maximum password age and bad lockout attempt.
-
- </P
+ maximum password age and bad lockout attempt.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -P "bad lockout attempt"</B
></P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> account policy value for bad lockout attempt is 0
</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -387,7 +421,6 @@ CLASS="PARAMETER"
>-P</I
></TT
> option.
-
</P
><P
>Example: <B
@@ -395,11 +428,20 @@ CLASS="COMMAND"
>pdbedit -P "bad lockout attempt" -V 3</B
></P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> account policy value for bad lockout attempt was 0
account policy value for bad lockout attempt is now 3
</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -450,7 +492,7 @@ CLASS="FILENAME"
>Print a summary of command line options.</P
></DD
><DT
->-s &lt;configuration file&gt;</DT
+>-s &#60;configuration file&#62;</DT
><DD
><P
>The file specified contains the
diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html
index d409469e7c..5e0e9be1e8 100644
--- a/docs/htmldocs/smb.conf.5.html
+++ b/docs/htmldocs/smb.conf.5.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>smb.conf</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="SMB.CONF"
-></A
->smb.conf</H1
+NAME="SMB.CONF">smb.conf</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -124,12 +123,9 @@ NAME="AEN28"
><P
>There are three special sections, [global],
[homes] and [printers], which are
- described under <SPAN
-CLASS="emphasis"
-><I
+ described under <I
CLASS="EMPHASIS"
>special sections</I
-></SPAN
>. The
following notes apply to ordinary section descriptions.</P
><P
@@ -143,20 +139,14 @@ CLASS="EMPHASIS"
printable services (used by the client to access print services
on the host running the server).</P
><P
->Sections may be designated <SPAN
-CLASS="emphasis"
-><I
+>Sections may be designated <I
CLASS="EMPHASIS"
>guest</I
-></SPAN
> services,
in which case no password is required to access them. A specified
- UNIX <SPAN
-CLASS="emphasis"
-><I
+ UNIX <I
CLASS="EMPHASIS"
>guest account</I
-></SPAN
> is used to define access
privileges in this case.</P
><P
@@ -178,6 +168,12 @@ CLASS="FILENAME"
>/home/bar</TT
>.
The share is accessed via the share name "foo":</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
><PRE
CLASS="SCREEN"
> <TT
@@ -188,19 +184,25 @@ CLASS="COMPUTEROUTPUT"
</TT
>
</PRE
+></TD
+></TR
+></TABLE
><P
>The following sample section defines a printable share.
The share is readonly, but printable. That is, the only write
access permitted is via calls to open, write to and close a
- spool file. The <SPAN
-CLASS="emphasis"
-><I
+ spool file. The <I
CLASS="EMPHASIS"
>guest ok</I
-></SPAN
> parameter means
access will be permitted as the default guest user (specified
elsewhere):</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
><PRE
CLASS="SCREEN"
> <TT
@@ -213,6 +215,9 @@ CLASS="COMPUTEROUTPUT"
</TT
>
</PRE
+></TD
+></TR
+></TABLE
></DIV
><DIV
CLASS="REFSECT1"
@@ -270,12 +275,9 @@ NAME="AEN53"
></LI
></UL
><P
->If you decide to use a <SPAN
-CLASS="emphasis"
-><I
+>If you decide to use a <I
CLASS="EMPHASIS"
>path =</I
-></SPAN
> line
in your [homes] section then you may find it useful
to use the %S macro. For example :</P
@@ -304,6 +306,12 @@ CLASS="USERINPUT"
a normal service section can specify, though some make more sense
than others. The following is a typical and suitable [homes]
section:</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
><PRE
CLASS="SCREEN"
> <TT
@@ -313,41 +321,32 @@ CLASS="COMPUTEROUTPUT"
</TT
>
</PRE
+></TD
+></TR
+></TABLE
><P
>An important point is that if guest access is specified
in the [homes] section, all home directories will be
- visible to all clients <SPAN
-CLASS="emphasis"
-><I
+ visible to all clients <I
CLASS="EMPHASIS"
>without a password</I
-></SPAN
>.
In the very unlikely event that this is actually desirable, it
- would be wise to also specify <SPAN
-CLASS="emphasis"
-><I
+ would be wise to also specify <I
CLASS="EMPHASIS"
>read only
access</I
-></SPAN
>.</P
><P
->Note that the <SPAN
-CLASS="emphasis"
-><I
+>Note that the <I
CLASS="EMPHASIS"
>browseable</I
-></SPAN
> flag for
auto home directories will be inherited from the global browseable
flag, not the [homes] browseable flag. This is useful as
- it means setting <SPAN
-CLASS="emphasis"
-><I
+ it means setting <I
CLASS="EMPHASIS"
>browseable = no</I
-></SPAN
> in
the [homes] section will hide the [homes] share but make
any auto home directories visible.</P
@@ -407,6 +406,12 @@ NAME="AEN79"
world-writeable spool directory with the sticky bit set on
it. A typical [printers] entry would look like
this:</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
><PRE
CLASS="SCREEN"
><TT
@@ -417,12 +422,21 @@ CLASS="COMPUTEROUTPUT"
printable = yes
</TT
></PRE
+></TD
+></TR
+></TABLE
><P
>All aliases given for a printer in the printcap file
are legitimate printer names as far as the server is concerned.
If your printing subsystem doesn't work like that, you will have
to set up a pseudo-printcap. This is a file consisting of one or
more lines like this:</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
><PRE
CLASS="SCREEN"
> <TT
@@ -431,6 +445,9 @@ CLASS="COMPUTEROUTPUT"
</TT
>
</PRE
+></TD
+></TR
+></TABLE
><P
>Each alias should be an acceptable printer name for
your printing subsystem. In the [global] section, specify
@@ -462,44 +479,29 @@ NAME="AEN102"
>parameters define the specific attributes of sections.</P
><P
>Some parameters are specific to the [global] section
- (e.g., <SPAN
-CLASS="emphasis"
-><I
+ (e.g., <I
CLASS="EMPHASIS"
>security</I
-></SPAN
>). Some parameters are usable
- in all sections (e.g., <SPAN
-CLASS="emphasis"
-><I
+ in all sections (e.g., <I
CLASS="EMPHASIS"
>create mode</I
-></SPAN
>). All others
are permissible only in normal sections. For the purposes of the
following descriptions the [homes] and [printers]
- sections will be considered normal. The letter <SPAN
-CLASS="emphasis"
-><I
+ sections will be considered normal. The letter <I
CLASS="EMPHASIS"
>G</I
-></SPAN
>
in parentheses indicates that a parameter is specific to the
- [global] section. The letter <SPAN
-CLASS="emphasis"
-><I
+ [global] section. The letter <I
CLASS="EMPHASIS"
>S</I
-></SPAN
>
indicates that a parameter can be specified in a service specific
- section. Note that all <SPAN
-CLASS="emphasis"
-><I
+ section. Note that all <I
CLASS="EMPHASIS"
>S</I
-></SPAN
> parameters can also be specified in
the [global] section - in which case they will define
the default behavior for all services.</P
@@ -689,12 +691,9 @@ CLASS="VARIABLELIST"
><P
>the name of your NIS home directory server.
This is obtained from your NIS auto.map entry. If you have
- not compiled Samba with the <SPAN
-CLASS="emphasis"
-><I
+ not compiled Samba with the <I
CLASS="EMPHASIS"
>--with-automount</I
-></SPAN
>
option then this value will be the same as %L.</P
></DD
@@ -744,12 +743,9 @@ CLASS="VARIABLELIST"
> controls if names that have characters that
aren't of the "default" case are mangled. For example,
if this is yes then a name like "Mail" would be mangled.
- Default <SPAN
-CLASS="emphasis"
-><I
+ Default <I
CLASS="EMPHASIS"
>no</I
-></SPAN
>.</P
></DD
><DT
@@ -758,12 +754,9 @@ CLASS="EMPHASIS"
><P
>controls whether filenames are case sensitive. If
they aren't then Samba must do a filename search and match on passed
- names. Default <SPAN
-CLASS="emphasis"
-><I
+ names. Default <I
CLASS="EMPHASIS"
>no</I
-></SPAN
>.</P
></DD
><DT
@@ -771,12 +764,9 @@ CLASS="EMPHASIS"
><DD
><P
>controls what the default case is for new
- filenames. Default <SPAN
-CLASS="emphasis"
-><I
+ filenames. Default <I
CLASS="EMPHASIS"
>lower</I
-></SPAN
>.</P
></DD
><DT
@@ -785,12 +775,9 @@ CLASS="EMPHASIS"
><P
>controls if new files are created with the
case that the client passes, or if they are forced to be the
- "default" case. Default <SPAN
-CLASS="emphasis"
-><I
+ "default" case. Default <I
CLASS="EMPHASIS"
>yes</I
-></SPAN
>.
</P
></DD
@@ -803,12 +790,9 @@ CLASS="EMPHASIS"
upper case, or if they are forced to be the "default"
case. This option can be use with "preserve case = yes"
to permit long filenames to retain their case, while short names
- are lowercased. Default <SPAN
-CLASS="emphasis"
-><I
+ are lowercased. Default <I
CLASS="EMPHASIS"
>yes</I
-></SPAN
>.</P
></DD
></DL
@@ -4688,12 +4672,9 @@ NAME="ABORTSHUTDOWNSCRIPT"
>abort shutdown script (G)</DT
><DD
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>This parameter only exists in the HEAD cvs branch</I
-></SPAN
>
This a full path name to a script called by
<A
@@ -4716,12 +4697,9 @@ CLASS="PARAMETER"
><P
>This command will be run as user.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>None</I
-></SPAN
>.</P
><P
>Example: <B
@@ -4888,12 +4866,9 @@ CLASS="PARAMETER"
></A
></P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
><P
>Example: <B
@@ -5032,12 +5007,9 @@ CLASS="PARAMETER"
>.
</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
><P
>Example: <B
@@ -5066,7 +5038,7 @@ TARGET="_top"
><P
>Default: <B
CLASS="COMMAND"
->add machine script = &lt;empty string&gt;
+>add machine script = &#60;empty string&#62;
</B
></P
><P
@@ -5106,12 +5078,9 @@ NAME="ADDUSERSCRIPT"
><DD
><P
>This is the full pathname to a script that will
- be run <SPAN
-CLASS="emphasis"
-><I
+ be run <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
> by <A
HREF="smbd.8.html"
TARGET="_top"
@@ -5128,12 +5097,9 @@ HREF="smbd.8.html"
TARGET="_top"
>smbd</A
> to create the required UNIX users
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>ON DEMAND</I
-></SPAN
> when a user accesses the Samba server.</P
><P
>In order to use this option, <A
@@ -5141,12 +5107,9 @@ HREF="smbd.8.html"
TARGET="_top"
>smbd</A
>
- must <SPAN
-CLASS="emphasis"
-><I
+ must <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
> be set to <TT
CLASS="PARAMETER"
><I
@@ -5195,12 +5158,9 @@ CLASS="PARAMETER"
CLASS="COMMAND"
>smbd</B
> will
- call the specified script <SPAN
-CLASS="emphasis"
-><I
+ call the specified script <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
>, expanding
any <TT
CLASS="PARAMETER"
@@ -5247,7 +5207,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->add user script = &lt;empty string&gt;
+>add user script = &#60;empty string&#62;
</B
></P
><P
@@ -5265,12 +5225,9 @@ NAME="ADDGROUPSCRIPT"
><DD
><P
>This is the full pathname to a script that will
- be run <SPAN
-CLASS="emphasis"
-><I
+ be run <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
> by <A
HREF="smbd.8.html"
TARGET="_top"
@@ -5306,12 +5263,9 @@ NAME="ADMINUSERS"
this list will be able to do anything they like on the share,
irrespective of file permissions.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no admin users</I
-></SPAN
></P
><P
>Example: <B
@@ -5333,12 +5287,9 @@ HREF="smbd.8.html"
TARGET="_top"
>smbd(8)</A
>
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
>. Any <TT
CLASS="PARAMETER"
><I
@@ -5563,7 +5514,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->auth methods = &lt;empty string&gt;</B
+>auth methods = &#60;empty string&#62;</B
></P
><P
>Example: <B
@@ -5584,12 +5535,9 @@ CLASS="PARAMETER"
><I
>available = no</I
></TT
->, then <SPAN
-CLASS="emphasis"
-><I
+>, then <I
CLASS="EMPHASIS"
>ALL</I
-></SPAN
>
attempts to connect to the service will fail. Such failures are
logged.</P
@@ -5607,7 +5555,7 @@ NAME="BINDINTERFACESONLY"
><DD
><P
>This global parameter allows the Samba admin
- to limit what interfaces on a machine will serve SMB requests. If
+ to limit what interfaces on a machine will serve SMB requests. It
affects file service <A
HREF="smbd.8.html"
TARGET="_top"
@@ -5667,7 +5615,7 @@ CLASS="PARAMETER"
>interfaces</I
></TT
> list. IP Source address spoofing
- does defeat this simple check, however so it must not be used
+ does defeat this simple check, however, so it must not be used
seriously as a security feature for <B
CLASS="COMMAND"
>nmbd</B
@@ -5696,12 +5644,9 @@ CLASS="PARAMETER"
>bind interfaces only</I
></TT
> is set then
- unless the network address <SPAN
-CLASS="emphasis"
-><I
+ unless the network address <I
CLASS="EMPHASIS"
>127.0.0.1</I
-></SPAN
> is added
to the <TT
CLASS="PARAMETER"
@@ -5730,12 +5675,9 @@ CLASS="COMMAND"
CLASS="COMMAND"
>smbpasswd</B
>
- by default connects to the <SPAN
-CLASS="emphasis"
-><I
+ by default connects to the <I
CLASS="EMPHASIS"
>localhost - 127.0.0.1</I
-></SPAN
>
address as an SMB client to issue the password change request. If
<TT
@@ -5744,12 +5686,9 @@ CLASS="PARAMETER"
>bind interfaces only</I
></TT
> is set then unless the
- network address <SPAN
-CLASS="emphasis"
-><I
+ network address <I
CLASS="EMPHASIS"
>127.0.0.1</I
-></SPAN
> is added to the
<TT
CLASS="PARAMETER"
@@ -5798,19 +5737,13 @@ CLASS="COMMAND"
CLASS="COMMAND"
>nmbd</B
> at the address
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>127.0.0.1</I
-></SPAN
> to determine if they are running.
- Not adding <SPAN
-CLASS="emphasis"
-><I
+ Not adding <I
CLASS="EMPHASIS"
>127.0.0.1</I
-></SPAN
> will cause <B
CLASS="COMMAND"
> smbd</B
@@ -6156,12 +6089,9 @@ CLASS="PARAMETER"
>.
</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
><P
>Example: <B
@@ -6195,12 +6125,9 @@ CLASS="PARAMETER"
></A
> parameter.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>No comment string</I
-></SPAN
></P
><P
>Example: <B
@@ -6257,12 +6184,9 @@ NAME="COPY"
copied must occur earlier in the configuration file than the
service doing the copying.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no value</I
-></SPAN
></P
><P
>Example: <B
@@ -6293,12 +6217,9 @@ CLASS="PARAMETER"
calculated according to the mapping from DOS modes to UNIX
permissions, and the resulting UNIX mode is then bit-wise 'AND'ed
with this parameter. This parameter may be thought of as a bit-wise
- MASK for the UNIX modes of a file. Any bit <SPAN
-CLASS="emphasis"
-><I
+ MASK for the UNIX modes of a file. Any bit <I
CLASS="EMPHASIS"
>not</I
-></SPAN
>
set here will be removed from the modes set on a file when it is
created.</P
@@ -6405,13 +6326,10 @@ NAME="CSCPOLICY"
>csc policy (S)</DT
><DD
><P
->This stands for <SPAN
-CLASS="emphasis"
-><I
+>This stands for <I
CLASS="EMPHASIS"
>client-side caching
policy</I
-></SPAN
>, and specifies how clients capable of offline
caching will cache the files in the share. The valid values
are: manual, documents, programs, disable.</P
@@ -6703,12 +6621,9 @@ NAME="DEFAULTSERVICE"
><P
>This parameter specifies the name of a service
which will be connected to if the service actually requested cannot
- be found. Note that the square brackets are <SPAN
-CLASS="emphasis"
-><I
+ be found. Note that the square brackets are <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
>
given in the parameter value (see example below).</P
><P
@@ -6750,6 +6665,12 @@ CLASS="PARAMETER"
><P
>Example:</P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
>[global]
@@ -6758,6 +6679,9 @@ CLASS="PROGRAMLISTING"
[pub]
path = /%S
</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -6768,12 +6692,9 @@ NAME="DELETEGROUPSCRIPT"
><DD
><P
>This is the full pathname to a script that will
- be run <SPAN
-CLASS="emphasis"
-><I
+ be run <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
> by <A
HREF="smbd.8.html"
TARGET="_top"
@@ -6872,12 +6793,9 @@ CLASS="PARAMETER"
></A
></P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
><P
>Example: <B
@@ -7013,12 +6931,9 @@ CLASS="PARAMETER"
>.
</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
><P
>Example: <B
@@ -7058,7 +6973,7 @@ CLASS="COMMAND"
><P
>Default: <B
CLASS="COMMAND"
->delete user script = &lt;empty string&gt;
+>delete user script = &#60;empty string&#62;
</B
></P
><P
@@ -7082,12 +6997,9 @@ HREF="smbd.8.html"
TARGET="_top"
>smbd(8)</A
>
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
>. Any <TT
CLASS="PARAMETER"
><I
@@ -7227,23 +7139,17 @@ CLASS="FILENAME"
third return value can give the block size in bytes. The default
blocksize is 1024 bytes.</P
><P
->Note: Your script should <SPAN
-CLASS="emphasis"
-><I
+>Note: Your script should <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
> be setuid or
setgid and should be owned by (and writeable only by) root!</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>By default internal routines for
determining the disk capacity and remaining space will be used.
</I
-></SPAN
></P
><P
>Example: <B
@@ -7254,22 +7160,40 @@ CLASS="COMMAND"
><P
>Where the script dfree (which must be made executable) could be:</P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
>
#!/bin/sh
df $1 | tail -1 | awk '{print $2" "$4}'
</PRE
+></TD
+></TR
+></TABLE
></P
><P
>or perhaps (on Sys V based systems):</P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
>
#!/bin/sh
/usr/bin/df -k $1 | tail -1 | awk '{print $3" "$5}'
</PRE
+></TD
+></TR
+></TABLE
></P
><P
>Note that you may have to replace the command names
@@ -7308,12 +7232,9 @@ NAME="DIRECTORYMASK"
calculated according to the mapping from DOS modes to UNIX permissions,
and the resulting UNIX mode is then bit-wise 'AND'ed with this
parameter. This parameter may be thought of as a bit-wise MASK for
- the UNIX modes of a directory. Any bit <SPAN
-CLASS="emphasis"
-><I
+ the UNIX modes of a directory. Any bit <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> set
here will be removed from the modes set on a directory when it is
created.</P
@@ -7439,12 +7360,9 @@ NAME="DIRECTORYSECURITYMASK"
meaning a user is allowed to modify all the user/group/world
permissions on a directory.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that users who can access the
Samba server through other means can easily bypass this restriction,
so it is primarily useful for standalone "appliance" systems.
@@ -7533,12 +7451,9 @@ NAME="DISABLESPOOLSS"
Wizard or by using the NT printer properties dialog window. It will
also disable the capability of Windows NT/2000 clients to download
print drivers from the Samba host upon demand.
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>Be very careful about enabling this parameter.</I
-></SPAN
>
</P
><P
@@ -7640,7 +7555,7 @@ CLASS="PARAMETER"
>workgroup</I
></TT
></A
-> it is in. Samba 2.2 also
+> it is in. Samba 2.2
has limited capability to act as a domain controller for Windows
NT 4 Domains. For more details on setting up this feature see
the Samba-PDC-HOWTO included in the <TT
@@ -7792,13 +7707,10 @@ CLASS="FILENAME"
>.
Experimentation is the best policy :-) </P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none (i.e., all directories are OK
to descend)</I
-></SPAN
></P
><P
>Example: <B
@@ -8042,12 +7954,9 @@ CLASS="PARAMETER"
to standard output. This listing will then be used in response
to the level 1 and 2 EnumPorts() RPC.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no enumports command</I
-></SPAN
></P
><P
>Example: <B
@@ -8213,12 +8122,9 @@ NAME="FORCECREATEMODE"
><DD
><P
>This parameter specifies a set of UNIX mode bit
- permissions that will <SPAN
-CLASS="emphasis"
-><I
+ permissions that will <I
CLASS="EMPHASIS"
>always</I
-></SPAN
> be set on a
file created by Samba. This is done by bitwise 'OR'ing these bits onto
the mode bits of a file that is being created or having its
@@ -8276,12 +8182,9 @@ NAME="FORCEDIRECTORYMODE"
><DD
><P
>This parameter specifies a set of UNIX mode bit
- permissions that will <SPAN
-CLASS="emphasis"
-><I
+ permissions that will <I
CLASS="EMPHASIS"
>always</I
-></SPAN
> be set on a directory
created by Samba. This is done by bitwise 'OR'ing these bits onto the
mode bits of a directory that is being created. The default for this
@@ -8351,12 +8254,9 @@ NAME="FORCEDIRECTORYSECURITYMODE"
allows a user to modify all the user/group/world permissions on a
directory without restrictions.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that users who can access the
Samba server through other means can easily bypass this restriction,
so it is primarily useful for standalone "appliance" systems.
@@ -8466,12 +8366,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no forced group</I
-></SPAN
></P
><P
>Example: <B
@@ -8501,12 +8398,9 @@ NAME="FORCESECURITYMODE"
and allows a user to modify all the user/group/world permissions on a file,
with no restrictions.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that users who can access
the Samba server through other means can easily bypass this restriction,
so it is primarily useful for standalone "appliance" systems.
@@ -8585,12 +8479,9 @@ CLASS="PARAMETER"
></A
></P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no forced user</I
-></SPAN
></P
><P
>Example: <B
@@ -8729,13 +8620,10 @@ CLASS="COMMAND"
many parts of the system require this value to be
constant for correct operation.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>specified at compile time, usually
"nobody"</I
-></SPAN
></P
><P
>Example: <B
@@ -8887,12 +8775,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no file are hidden</I
-></SPAN
></P
><P
>Example: <B
@@ -9021,12 +8906,9 @@ CLASS="COMMAND"
that copes with different map formats and also Amd (another
automounter) maps.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOTE :</I
-></SPAN
>A working NIS client is required on
the system for this option to work.</P
><P
@@ -9052,7 +8934,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->homedir map = &lt;empty string&gt;</B
+>homedir map = &#60;empty string&#62;</B
></P
><P
>Example: <B
@@ -9178,12 +9060,9 @@ CLASS="PARAMETER"
><P
>You can also specify hosts by network/netmask pairs and
by netgroup names if your system supports netgroups. The
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>EXCEPT</I
-></SPAN
> keyword can also be used to limit a
wildcard list. The following examples may provide some help:</P
><P
@@ -9234,13 +9113,10 @@ CLASS="COMMAND"
> for a way of testing your host access to see if it does
what you expect.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none (i.e., all hosts permitted access)
</I
-></SPAN
></P
><P
>Example: <B
@@ -9262,12 +9138,9 @@ CLASS="PARAMETER"
>hosts allow</I
></TT
>
- - hosts listed here are <SPAN
-CLASS="emphasis"
-><I
+ - hosts listed here are <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
> permitted access to
services unless the specific services have their own lists to override
this one. Where the lists conflict, the <TT
@@ -9278,13 +9151,10 @@ CLASS="PARAMETER"
>
list takes precedence.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none (i.e., no hosts specifically excluded)
</I
-></SPAN
></P
><P
>Example: <B
@@ -9322,12 +9192,9 @@ CLASS="PARAMETER"
> may be useful for NT clients which will
not supply passwords to Samba.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOTE :</I
-></SPAN
> The use of <TT
CLASS="PARAMETER"
><I
@@ -9344,21 +9211,15 @@ CLASS="PARAMETER"
></TT
> option be only used if you really
know what you are doing, or perhaps on a home network where you trust
- your spouse and kids. And only if you <SPAN
-CLASS="emphasis"
-><I
+ your spouse and kids. And only if you <I
CLASS="EMPHASIS"
>really</I
-></SPAN
> trust
them :-).</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no host equivalences</I
-></SPAN
></P
><P
>Example: <B
@@ -9396,12 +9257,9 @@ CLASS="PARAMETER"
>.
</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no file included</I
-></SPAN
></P
><P
>Example: <B
@@ -9511,12 +9369,9 @@ CLASS="PARAMETER"
</A
> as usual.</P
><P
->Note that the setuid bit is <SPAN
-CLASS="emphasis"
-><I
+>Note that the setuid bit is <I
CLASS="EMPHASIS"
>never</I
-></SPAN
> set via
inheritance (the code explicitly prohibits this).</P
><P
@@ -9636,13 +9491,10 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>all active interfaces except 127.0.0.1
that are broadcast capable</I
-></SPAN
></P
></DD
><DT
@@ -9653,12 +9505,9 @@ NAME="INVALIDUSERS"
><DD
><P
>This is a list of users that should not be allowed
- to login to this service. This is really a <SPAN
-CLASS="emphasis"
-><I
+ to login to this service. This is really a <I
CLASS="EMPHASIS"
>paranoid</I
-></SPAN
>
check to absolutely ensure an improper setting does not breach
your security.</P
@@ -9675,7 +9524,7 @@ CLASS="EMPHASIS"
so the value <TT
CLASS="PARAMETER"
><I
->+&amp;group</I
+>+&#38;group</I
></TT
> means check the
UNIX group database, followed by the NIS netgroup database, and
@@ -9707,12 +9556,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no invalid users</I
-></SPAN
></P
><P
>Example: <B
@@ -9796,12 +9642,9 @@ CLASS="COMMAND"
>
</A
> has oplocked. This allows complete data consistency between
- SMB/CIFS, NFS and local file access (and is a <SPAN
-CLASS="emphasis"
-><I
+ SMB/CIFS, NFS and local file access (and is a <I
CLASS="EMPHASIS"
>very</I
-></SPAN
>
cool feature :-).</P
><P
@@ -9920,12 +9763,9 @@ CLASS="COMMAND"
page for more information on how to accmplish this.
</P
><P
->Default : <SPAN
-CLASS="emphasis"
-><I
+>Default : <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
></DD
><DT
@@ -9949,7 +9789,7 @@ CLASS="CONSTANT"
><P
>Default : <B
CLASS="COMMAND"
->ldap filter = (&amp;(uid=%u)(objectclass=sambaAccount))</B
+>ldap filter = (&#38;(uid=%u)(objectclass=sambaAccount))</B
></P
></DD
><DT
@@ -9961,12 +9801,9 @@ NAME="LDAPSSL"
><P
>This option is used to define whether or not Samba should
use SSL when connecting to the ldap server
- This is <SPAN
-CLASS="emphasis"
-><I
+ This is <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
> related to
Samba's previous SSL support which was enabled by specifying the
<B
@@ -10059,12 +9896,9 @@ CLASS="COMMAND"
>ldap machine suffix</B
>. It also used as the base dn for all ldap searches. </P
><P
->Default : <SPAN
-CLASS="emphasis"
-><I
+>Default : <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
></DD
><DT
@@ -10077,12 +9911,9 @@ NAME="LDAPUSERSUFFIX"
>It specifies where users are added to the tree.
</P
><P
->Default : <SPAN
-CLASS="emphasis"
-><I
+>Default : <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
></DD
><DT
@@ -10096,12 +9927,9 @@ NAME="LDAPMACHINESUFFIX"
added to the ldap tree.
</P
><P
->Default : <SPAN
-CLASS="emphasis"
-><I
+>Default : <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
></DD
><DT
@@ -10453,22 +10281,16 @@ CLASS="CONSTANT"
CLASS="CONSTANT"
>yes</TT
> doesn't
- mean that Samba will <SPAN
-CLASS="emphasis"
-><I
+ mean that Samba will <I
CLASS="EMPHASIS"
>become</I
-></SPAN
> the local master
browser on a subnet, just that <B
CLASS="COMMAND"
>nmbd</B
-> will <SPAN
-CLASS="emphasis"
-><I
+> will <I
CLASS="EMPHASIS"
> participate</I
-></SPAN
> in elections for local master browser.</P
><P
>Setting this value to <TT
@@ -10478,12 +10300,9 @@ CLASS="CONSTANT"
CLASS="COMMAND"
>nmbd</B
>
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>never</I
-></SPAN
> to become a local master browser.</P
><P
>Default: <B
@@ -10613,19 +10432,13 @@ CLASS="COMMAND"
>, real locking will be performed
by the server.</P
><P
->This option <SPAN
-CLASS="emphasis"
-><I
+>This option <I
CLASS="EMPHASIS"
>may</I
-></SPAN
> be useful for read-only
- filesystems which <SPAN
-CLASS="emphasis"
-><I
+ filesystems which <I
CLASS="EMPHASIS"
>may</I
-></SPAN
> not need locking (such as
CDROM drives), although setting this parameter of <TT
CLASS="CONSTANT"
@@ -10674,7 +10487,7 @@ NAME="LOGLEVEL"
CLASS="FILENAME"
>smb.conf</TT
> file. This parameter has been
- extended since 2.2.x series, now it allow to specify the debug
+ extended since the 2.2.x series, now it allow to specify the debug
level for multiple debug classes. This is to give greater
flexibility in the configuration of the system.</P
><P
@@ -10850,12 +10663,9 @@ CLASS="FILENAME"
>Thereafter, the directories and any of the contents can,
if required, be made read-only. It is not advisable that the
NTuser.dat file be made read-only - rename it to NTuser.man to
- achieve the desired effect (a <SPAN
-CLASS="emphasis"
-><I
+ achieve the desired effect (a <I
CLASS="EMPHASIS"
>MAN</I
-></SPAN
>datory
profile). </P
><P
@@ -10945,12 +10755,9 @@ CLASS="COMMAND"
>This option is only useful if Samba is set up as a logon
server.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no logon script defined</I
-></SPAN
></P
><P
>Example: <B
@@ -11195,9 +11002,7 @@ CLASS="PARAMETER"
></A
> parameter.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>depends on the setting of <TT
CLASS="PARAMETER"
@@ -11205,7 +11010,6 @@ CLASS="PARAMETER"
> printing</I
></TT
></I
-></SPAN
></P
><P
>Example: <B
@@ -11357,9 +11161,7 @@ CLASS="PARAMETER"
></A
> parameter.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>depends on the setting of <TT
CLASS="PARAMETER"
@@ -11368,7 +11170,6 @@ CLASS="PARAMETER"
</I
></TT
></I
-></SPAN
></P
><P
>Example 1: <B
@@ -11457,7 +11258,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->magic output = &lt;magic script name&gt;.out
+>magic output = &#60;magic script name&#62;.out
</B
></P
><P
@@ -11496,36 +11297,24 @@ CLASS="PARAMETER"
>Note that some shells are unable to interpret scripts
containing CR/LF instead of CR as
the end-of-line marker. Magic scripts must be executable
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>as is</I
-></SPAN
> on the host, which for some hosts and
some shells will require filtering at the DOS end.</P
><P
->Magic scripts are <SPAN
-CLASS="emphasis"
-><I
+>Magic scripts are <I
CLASS="EMPHASIS"
>EXPERIMENTAL</I
-></SPAN
> and
- should <SPAN
-CLASS="emphasis"
-><I
+ should <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
> be relied upon.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>None. Magic scripts disabled.</I
-></SPAN
></P
><P
>Example: <B
@@ -11592,12 +11381,9 @@ CLASS="FILENAME"
> off the ends of filenames on some CDROMs (only visible
under some UNIXes). To do this use a map of (*;1 *;).</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no mangled map</I
-></SPAN
></P
><P
>Example: <B
@@ -11784,12 +11570,9 @@ NAME="MANGLINGCHAR"
><DD
><P
>This controls what character is used as
- the <SPAN
-CLASS="emphasis"
-><I
+ the <I
CLASS="EMPHASIS"
>magic</I
-></SPAN
> character in <A
HREF="#AEN205"
>name mangling</A
@@ -11990,12 +11773,9 @@ HREF="#GUESTACCOUNT"
will not know the reason they cannot access files they think
they should - there will have been no message given to them
that they got their password wrong. Helpdesk services will
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>hate</I
-></SPAN
> you if you set the <TT
CLASS="PARAMETER"
><I
@@ -12014,12 +11794,9 @@ CLASS="PARAMETER"
></TT
> modes other than
share. This is because in these modes the name of the resource being
- requested is <SPAN
-CLASS="emphasis"
-><I
+ requested is <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> sent to the server until after
the server has successfully authenticated the client so the server
cannot make authentication decisions at the correct time (connection
@@ -12269,12 +12046,9 @@ CLASS="CONSTANT"
><TT
CLASS="CONSTANT"
>LANMAN1</TT
->: First <SPAN
-CLASS="emphasis"
-><I
+>: First <I
CLASS="EMPHASIS"
> modern</I
-></SPAN
> version of the protocol. Long filename
support.</P
></LI
@@ -12477,13 +12251,10 @@ CLASS="COMMAND"
CLASS="COMMAND"
>xedit</B
>, then
- removes it afterwards. <SPAN
-CLASS="emphasis"
-><I
+ removes it afterwards. <I
CLASS="EMPHASIS"
>NOTE THAT IT IS VERY IMPORTANT
THAT THIS COMMAND RETURN IMMEDIATELY</I
-></SPAN
>. That's why I
have the '&#38;' on the end. If it doesn't return immediately then
your PCs may freeze when sending messages (they should recover
@@ -12549,7 +12320,7 @@ CLASS="PARAMETER"
><B
CLASS="COMMAND"
>message command = /bin/mail -s 'message from %f on
- %m' root &lt; %s; rm %s</B
+ %m' root &#60; %s; rm %s</B
></P
><P
>If you don't have a message command then the message
@@ -12565,12 +12336,9 @@ CLASS="COMMAND"
>message command = rm %s</B
></P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no message command</I
-></SPAN
></P
><P
>Example: <B
@@ -12962,12 +12730,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>empty string (no additional names)</I
-></SPAN
></P
><P
>Example: <B
@@ -13000,12 +12765,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>machine DNS name</I
-></SPAN
></P
><P
>Example: <B
@@ -13090,7 +12852,7 @@ NAME="NONUNIXACCOUNTRANGE"
><P
>Default: <B
CLASS="COMMAND"
->non unix account range = &lt;empty string&gt;
+>non unix account range = &#60;empty string&#62;
</B
></P
><P
@@ -13317,13 +13079,10 @@ NAME="OPLOCKBREAKWAITTIME"
is the amount of time Samba will wait before sending an oplock break
request to such (broken) clients.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ
AND UNDERSTOOD THE SAMBA OPLOCK CODE</I
-></SPAN
>.</P
><P
>Default: <B
@@ -13338,12 +13097,9 @@ NAME="OPLOCKCONTENTIONLIMIT"
>oplock contention limit (S)</DT
><DD
><P
->This is a <SPAN
-CLASS="emphasis"
-><I
+>This is a <I
CLASS="EMPHASIS"
>very</I
-></SPAN
> advanced
<A
HREF="smbd.8.html"
@@ -13366,13 +13122,10 @@ CLASS="COMMAND"
> to behave in a similar
way to Windows NT.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ
AND UNDERSTOOD THE SAMBA OPLOCK CODE</I
-></SPAN
>.</P
><P
>Default: <B
@@ -13498,12 +13251,9 @@ CLASS="PARAMETER"
></TT
> in the local broadcast area.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note :</I
-></SPAN
>By default, Samba will win
a local master browsing election over all Microsoft operating
systems except a Windows NT 4.0/2000 Domain Controller. This
@@ -13539,8 +13289,8 @@ NAME="OS2DRIVERMAP"
path to a file containing a mapping of Windows NT printer driver
names to OS/2 printer driver names. The format is:</P
><P
->&lt;nt driver name&gt; = &lt;os2 driver
- name&gt;.&lt;device name&gt;</P
+>&#60;nt driver name&#62; = &#60;os2 driver
+ name&#62;.&#60;device name&#62;</P
><P
>For example, a valid entry using the HP LaserJet 5
printer driver would appear as <B
@@ -13565,7 +13315,7 @@ TARGET="_top"
><P
>Default: <B
CLASS="COMMAND"
->os2 driver map = &lt;empty string&gt;
+>os2 driver map = &#60;empty string&#62;
</B
></P
></DD
@@ -13629,7 +13379,7 @@ TARGET="_top"
><P
>Default: <B
CLASS="COMMAND"
->panic action = &lt;empty string&gt;</B
+>panic action = &#60;empty string&#62;</B
></P
><P
>Example: <B
@@ -13664,7 +13414,7 @@ NAME="PASSDBBACKEND"
><P
>This option allows the administrator to chose which backends to retrieve and store passwords with. This allows (for example) both
smbpasswd and tdbsam to be used without a recompile.
- Multiple backends can be specified, seperated by spaces. The backends will be searched in the order they are specified. New users are always added to the first backend specified.
+ Multiple backends can be specified, separated by spaces. The backends will be searched in the order they are specified. New users are always added to the first backend specified.
Experimental backends must still be selected
(eg --with-tdbsam) at configure time.
</P
@@ -13772,10 +13522,8 @@ CLASS="COMMAND"
>ldap://localhost</B
>)</P
><P
->Note: In this module, any account
- without a matching POSIX account is regarded
- as 'non unix'.
- </P
+>Note: In this module, any account without a matching POSIX account is regarded
+ as 'non unix'. </P
><P
>See also <A
HREF="#NONUNIXACCOUNTRANGE"
@@ -13876,12 +13624,9 @@ NAME="PASSWDCHAT"
>passwd chat (G)</DT
><DD
><P
->This string controls the <SPAN
-CLASS="emphasis"
-><I
+>This string controls the <I
CLASS="EMPHASIS"
>"chat"</I
-></SPAN
>
conversation that takes places between <A
HREF="smbd.8.html"
@@ -13923,12 +13668,9 @@ CLASS="PARAMETER"
CLASS="CONSTANT"
>yes</TT
>. This
- sequence is then called <SPAN
-CLASS="emphasis"
-><I
+ sequence is then called <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
> when the SMB password
in the smbpasswd file is being changed, without access to the old
password cleartext. This means that root must be able to reset the user's password
@@ -14042,12 +13784,9 @@ NAME="PASSWDCHATDEBUG"
><DD
><P
>This boolean specifies if the passwd chat script
- parameter is run in <SPAN
-CLASS="emphasis"
-><I
+ parameter is run in <I
CLASS="EMPHASIS"
>debug</I
-></SPAN
> mode. In this mode the
strings passed to and received from the passwd chat are printed
in the <A
@@ -14144,24 +13883,18 @@ CLASS="PARAMETER"
will be replaced with the user name. The user name is checked for
existence before calling the password changing program.</P
><P
->Also note that many passwd programs insist in <SPAN
-CLASS="emphasis"
-><I
+>Also note that many passwd programs insist in <I
CLASS="EMPHASIS"
>reasonable
</I
-></SPAN
> passwords, such as a minimum length, or the inclusion
of mixed case chars and digits. This can pose a problem as some clients
(such as Windows for Workgroups) uppercase the password before sending
it.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that if the <TT
CLASS="PARAMETER"
><I
@@ -14172,12 +13905,9 @@ CLASS="PARAMETER"
CLASS="CONSTANT"
>yes
</TT
-> then this program is called <SPAN
-CLASS="emphasis"
-><I
+> then this program is called <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
>
before the SMB password in the <A
HREF="smbpasswd.5.html"
@@ -14197,19 +13927,13 @@ CLASS="PARAMETER"
>unix password sync</I
></TT
> parameter
- is set this parameter <SPAN
-CLASS="emphasis"
-><I
+ is set this parameter <I
CLASS="EMPHASIS"
>MUST USE ABSOLUTE PATHS</I
-></SPAN
>
- for <SPAN
-CLASS="emphasis"
-><I
+ for <I
CLASS="EMPHASIS"
>ALL</I
-></SPAN
> programs called, and must be examined
for security implications. Note that by default <TT
CLASS="PARAMETER"
@@ -14348,21 +14072,15 @@ CLASS="PARAMETER"
the "LM1.2X002" or the "NT LM 0.12" protocol, and it must be in
user level security mode.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOTE:</I
-></SPAN
> Using a password server
means your UNIX box (running Samba) is only as secure as your
- password server. <SPAN
-CLASS="emphasis"
-><I
+ password server. <I
CLASS="EMPHASIS"
>DO NOT CHOOSE A PASSWORD SERVER THAT
YOU DON'T COMPLETELY TRUST</I
-></SPAN
>.</P
><P
>Never point a Samba server at itself for password
@@ -14419,11 +14137,17 @@ CLASS="PARAMETER"
Primary or Backup Domain controllers to authenticate against by
doing a query for the name <TT
CLASS="CONSTANT"
->WORKGROUP&lt;1C&gt;</TT
+>WORKGROUP&#60;1C&#62;</TT
>
and then contacting each server returned in the list of IP
addresses from the name resolution source. </P
><P
+>If the list of servers contains both names and the '*'
+ character, the list is treated as a list of preferred
+ domain controllers, but an auto lookup of all remaining DC's
+ will be added to the list as well. Samba will not attempt to optimize
+ this list by locating the closest DC.</P
+><P
>If the <TT
CLASS="PARAMETER"
><I
@@ -14491,13 +14215,13 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->password server = &lt;empty string&gt;</B
+>password server = &#60;empty string&#62;</B
>
</P
><P
>Example: <B
CLASS="COMMAND"
->password server = NT-PDC, NT-BDC1, NT-BDC2
+>password server = NT-PDC, NT-BDC1, NT-BDC2, *
</B
></P
><P
@@ -14551,12 +14275,9 @@ CLASS="PARAMETER"
></A
> if one was specified.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none</I
-></SPAN
></P
><P
>Example: <B
@@ -14643,19 +14364,16 @@ CLASS="PARAMETER"
</A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none (no command executed)</I
-></SPAN
>
</P
><P
>Example: <B
CLASS="COMMAND"
>postexec = echo \"%u disconnected from %S
- from %m (%I)\" &gt;&gt; /tmp/log</B
+ from %m (%I)\" &#62;&#62; /tmp/log</B
></P
></DD
><DT
@@ -14723,18 +14441,15 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none (no command executed)</I
-></SPAN
></P
><P
>Example: <B
CLASS="COMMAND"
>preexec = echo \"%u connected to %S from %m
- (%I)\" &gt;&gt; /tmp/log</B
+ (%I)\" &#62;&#62; /tmp/log</B
></P
></DD
><DT
@@ -14863,12 +14578,9 @@ CLASS="PARAMETER"
></A
> option is easier.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no preloaded services</I
-></SPAN
></P
><P
>Example: <B
@@ -14944,12 +14656,9 @@ CLASS="COMMAND"
>%z - the size of the spooled
print job (in bytes)</P
><P
->The print command <SPAN
-CLASS="emphasis"
-><I
+>The print command <I
CLASS="EMPHASIS"
>MUST</I
-></SPAN
> contain at least
one occurrence of <TT
CLASS="PARAMETER"
@@ -15007,7 +14716,7 @@ CLASS="PARAMETER"
><P
><B
CLASS="COMMAND"
->print command = echo Printing %s &gt;&gt;
+>print command = echo Printing %s &#62;&#62;
/tmp/print.log; lpr -P %p %s; rm %s</B
></P
><P
@@ -15207,6 +14916,12 @@ CLASS="COMMAND"
><P
>A minimal printcap file would look something like this:</P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> print1|My Printer 1
@@ -15215,18 +14930,18 @@ CLASS="PROGRAMLISTING"
print4|My Printer 4
print5|My Printer 5
</PRE
+></TD
+></TR
+></TABLE
></P
><P
>where the '|' separates aliases of a printer. The fact
that the second alias has a space in it gives a hint to Samba
that it's a comment.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOTE</I
-></SPAN
>: Under AIX the default printcap
name is <TT
CLASS="FILENAME"
@@ -15265,7 +14980,7 @@ NAME="PRINTERADMIN"
><P
>Default: <B
CLASS="COMMAND"
->printer admin = &lt;empty string&gt;</B
+>printer admin = &#60;empty string&#62;</B
>
</P
><P
@@ -15281,12 +14996,9 @@ NAME="PRINTERDRIVER"
>printer driver (S)</DT
><DD
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note :</I
-></SPAN
>This is a deprecated
parameter and will be removed in the next major release
following version 2.2. Please see the instructions in
@@ -15343,12 +15055,9 @@ NAME="PRINTERDRIVERFILE"
>printer driver file (G)</DT
><DD
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note :</I
-></SPAN
>This is a deprecated
parameter and will be removed in the next major release
following version 2.2. Please see the instructions in
@@ -15401,12 +15110,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>None (set in compile).</I
-></SPAN
></P
><P
>Example: <B
@@ -15422,12 +15128,9 @@ NAME="PRINTERDRIVERLOCATION"
>printer driver location (S)</DT
><DD
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note :</I
-></SPAN
>This is a deprecated
parameter and will be removed in the next major release
following version 2.2. Please see the instructions in
@@ -15496,16 +15199,13 @@ NAME="PRINTERNAME"
name given will be used for any printable service that does
not have its own printer name specified.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>none (but may be <TT
CLASS="CONSTANT"
>lp</TT
>
on many systems)</I
-></SPAN
></P
><P
>Example: <B
@@ -15707,9 +15407,7 @@ CLASS="PARAMETER"
path in the command as the PATH may not be available to the
server.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>depends on the setting of <TT
CLASS="PARAMETER"
@@ -15718,7 +15416,6 @@ CLASS="PARAMETER"
</I
></TT
></I
-></SPAN
></P
><P
>Example: <B
@@ -15767,9 +15464,7 @@ CLASS="PARAMETER"
path in the command as the PATH may not be available to the
server.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>depends on the setting of <A
HREF="#PRINTING"
@@ -15780,7 +15475,6 @@ CLASS="PARAMETER"
></TT
></A
></I
-></SPAN
>
</P
><P
@@ -15864,7 +15558,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->read list = &lt;empty string&gt;</B
+>read list = &#60;empty string&#62;</B
></P
><P
>Example: <B
@@ -15900,12 +15594,9 @@ CLASS="CONSTANT"
CLASS="COMMAND"
>printable = yes</B
>)
- will <SPAN
-CLASS="emphasis"
-><I
+ will <I
CLASS="EMPHASIS"
>ALWAYS</I
-></SPAN
> allow writing to the directory
(user privileges permitting), but only via spooling operations.</P
><P
@@ -16074,7 +15765,7 @@ CLASS="FILENAME"
><P
>Default: <B
CLASS="COMMAND"
->remote announce = &lt;empty string&gt;
+>remote announce = &#60;empty string&#62;
</B
></P
></DD
@@ -16124,7 +15815,7 @@ CLASS="COMMAND"
><P
>Default: <B
CLASS="COMMAND"
->remote browse sync = &lt;empty string&gt;
+>remote browse sync = &#60;empty string&#62;
</B
></P
></DD
@@ -16135,41 +15826,17 @@ NAME="RESTRICTANONYMOUS"
>restrict anonymous (G)</DT
><DD
><P
->This is a boolean parameter. If it is <TT
-CLASS="CONSTANT"
->yes</TT
->, then
- anonymous access to the server will be restricted, namely in the
- case where the server is expecting the client to send a username,
- but it doesn't. Setting it to <TT
-CLASS="CONSTANT"
->yes</TT
-> will force these anonymous
- connections to be denied, and the client will be required to always
- supply a username and password when connecting. Use of this parameter
- is only recommended for homogeneous NT client environments.</P
-><P
->This parameter makes the use of macro expansions that rely
- on the username (%U, %G, etc) consistent. NT 4.0
- likes to use anonymous connections when refreshing the share list,
- and this is a way to work around that.</P
-><P
->When restrict anonymous is <TT
+>This is a integer parameter, and
+ mirrors as much as possible the functinality the
+ <TT
CLASS="CONSTANT"
->yes</TT
->, all anonymous connections
- are denied no matter what they are for. This can effect the ability
- of a machine to access the Samba Primary Domain Controller to revalidate
- its machine account after someone else has logged on the client
- interactively. The NT client will display a message saying that
- the machine's account in the domain doesn't exist or the password is
- bad. The best way to deal with this is to reboot NT client machines
- between interactive logons, using "Shutdown and Restart", rather
- than "Close all programs and logon as a different user".</P
+>RestrictAnonymous</TT
+>
+ registry key does on NT/Win2k. </P
><P
>Default: <B
CLASS="COMMAND"
->restrict anonymous = no</B
+>restrict anonymous = 0</B
></P
></DD
><DT
@@ -16247,12 +15914,9 @@ CLASS="PARAMETER"
>root directory</I
></TT
>
- option, <SPAN
-CLASS="emphasis"
-><I
+ option, <I
CLASS="EMPHASIS"
>including</I
-></SPAN
> some files needed for
complete operation of the server. To maintain full operability
of the server you will need to mirror some system files
@@ -16309,7 +15973,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->root postexec = &lt;empty string&gt;
+>root postexec = &#60;empty string&#62;
</B
></P
></DD
@@ -16350,7 +16014,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->root preexec = &lt;empty string&gt;
+>root preexec = &#60;empty string&#62;
</B
></P
></DD
@@ -16485,12 +16149,9 @@ CLASS="PARAMETER"
>It is possible to use <B
CLASS="COMMAND"
>smbd</B
-> in a <SPAN
-CLASS="emphasis"
-><I
+> in a <I
CLASS="EMPHASIS"
> hybrid mode</I
-></SPAN
> where it is offers both user and share
level security under different <A
HREF="#NETBIOSALIASES"
@@ -16507,13 +16168,10 @@ CLASS="PARAMETER"
><A
NAME="SECURITYEQUALSSHARE"
></A
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>SECURITY = SHARE
</I
-></SPAN
></P
><P
>When clients connect to a share level security server they
@@ -16531,12 +16189,9 @@ CLASS="COMMAND"
>Note that <B
CLASS="COMMAND"
>smbd</B
-> <SPAN
-CLASS="emphasis"
-><I
+> <I
CLASS="EMPHASIS"
>ALWAYS</I
-></SPAN
>
uses a valid UNIX user to act on behalf of the client, even in
<B
@@ -16596,13 +16251,10 @@ CLASS="PARAMETER"
></LI
><LI
><P
->If the client did a previous <SPAN
-CLASS="emphasis"
-><I
+>If the client did a previous <I
CLASS="EMPHASIS"
>logon
</I
-></SPAN
> request (the SessionSetup SMB call) then the
username sent in this SMB will be added as a potential username.
</P
@@ -16657,12 +16309,9 @@ CLASS="PARAMETER"
>, then this
guest user will be used, otherwise access is denied.</P
><P
->Note that it can be <SPAN
-CLASS="emphasis"
-><I
+>Note that it can be <I
CLASS="EMPHASIS"
>very</I
-></SPAN
> confusing
in share-level security as to which UNIX username will eventually
be used in granting access.</P
@@ -16675,13 +16324,10 @@ HREF="#AEN238"
><A
NAME="SECURITYEQUALSUSER"
></A
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>SECURITY = USER
</I
-></SPAN
></P
><P
>This is the default security setting in Samba 2.2.
@@ -16724,19 +16370,13 @@ CLASS="PARAMETER"
may change the UNIX user to use on this connection, but only after
the user has been successfully authenticated.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that the name of the resource being
- requested is <SPAN
-CLASS="emphasis"
-><I
+ requested is <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
@@ -16768,13 +16408,10 @@ HREF="#AEN238"
><A
NAME="SECURITYEQUALSSERVER"
></A
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>SECURITY = SERVER
</I
-></SPAN
></P
><P
>In this mode Samba will try to validate the username/password
@@ -16799,12 +16436,9 @@ CLASS="FILENAME"
> for details on how to set this
up.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that from the client's point of
view <B
CLASS="COMMAND"
@@ -16816,19 +16450,13 @@ CLASS="COMMAND"
with the authentication, it does not in any way affect what the
client sees.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that the name of the resource being
- requested is <SPAN
-CLASS="emphasis"
-><I
+ requested is <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
@@ -16880,13 +16508,10 @@ CLASS="PARAMETER"
><A
NAME="SECURITYEQUALSDOMAIN"
></A
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>SECURITY = DOMAIN
</I
-></SPAN
></P
><P
>This mode will only work correctly if <A
@@ -16911,22 +16536,16 @@ CLASS="CONSTANT"
it to a Windows NT Primary or Backup Domain Controller, in exactly
the same way that a Windows NT Server would do.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that a valid UNIX user must still
exist as well as the account on the Domain Controller to allow
Samba to have a valid UNIX account to map file access to.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that from the client's point
of view <B
CLASS="COMMAND"
@@ -16938,19 +16557,13 @@ CLASS="COMMAND"
>. It only affects how the server deals with the authentication,
it does not in any way affect what the client sees.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that the name of the resource being
- requested is <SPAN
-CLASS="emphasis"
-><I
+ requested is <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> sent to the server until after
the server has successfully authenticated the client. This is why
guest shares don't work in user level security without allowing
@@ -16974,12 +16587,9 @@ CLASS="PARAMETER"
</A
> parameter for details on doing this.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>BUG:</I
-></SPAN
> There is currently a bug in the
implementation of <B
CLASS="COMMAND"
@@ -17048,12 +16658,9 @@ NAME="SECURITYMASK"
a user to modify all the user/group/world permissions on a file.
</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that users who can access the
Samba server through other means can easily bypass this
restriction, so it is primarily useful for standalone
@@ -17220,12 +16827,9 @@ CLASS="CONSTANT"
>This option gives full share compatibility and enabled
by default.</P
><P
->You should <SPAN
-CLASS="emphasis"
-><I
+>You should <I
CLASS="EMPHASIS"
>NEVER</I
-></SPAN
> turn this parameter
off as many Windows applications will break if you do so.</P
><P
@@ -17308,12 +16912,9 @@ CLASS="PARAMETER"
></TT
>
parameter will always cause the OpenPrinterEx() on the server
- to fail. Thus the APW icon will never be displayed. <SPAN
-CLASS="emphasis"
-><I
+ to fail. Thus the APW icon will never be displayed. <I
CLASS="EMPHASIS"
> Note :</I
-></SPAN
>This does not prevent the same user from having
administrative privilege on an individual printer.</P
><P
@@ -17356,12 +16957,9 @@ NAME="SHUTDOWNSCRIPT"
>shutdown script (G)</DT
><DD
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>This parameter only exists in the HEAD cvs branch</I
-></SPAN
>
This a full path name to a script called by
<A
@@ -17402,12 +17000,9 @@ CLASS="PARAMETER"
>%r</I
></TT
> will be substituted with the
- switch <SPAN
-CLASS="emphasis"
-><I
+ switch <I
CLASS="EMPHASIS"
>-r</I
-></SPAN
>. It means reboot after shutdown
for NT.
</P
@@ -17418,21 +17013,15 @@ CLASS="PARAMETER"
>%f</I
></TT
> will be substituted with the
- switch <SPAN
-CLASS="emphasis"
-><I
+ switch <I
CLASS="EMPHASIS"
>-f</I
-></SPAN
>. It means force the shutdown
even if applications do not respond for NT.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>None</I
-></SPAN
>.</P
><P
>Example: <B
@@ -17441,7 +17030,13 @@ CLASS="COMMAND"
></P
><P
>Shutdown script example:
- <PRE
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
> #!/bin/bash
@@ -17451,6 +17046,9 @@ CLASS="PROGRAMLISTING"
/sbin/shutdown $3 $4 +$time $1 &#38;
</PRE
+></TD
+></TR
+></TABLE
>
Shutdown does not return so we need to launch it in background.
</P
@@ -17610,12 +17208,9 @@ TARGET="_top"
></LI
></UL
><P
->Those marked with a <SPAN
-CLASS="emphasis"
-><I
+>Those marked with a <I
CLASS="EMPHASIS"
>'*'</I
-></SPAN
> take an integer
argument. The others can optionally take a 1 or 0 argument to enable
or disable the option, by default they will be enabled if you
@@ -17687,12 +17282,9 @@ CLASS="COMMAND"
>SAMBA_NETBIOS_NAME = myhostname</B
></P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>No default value</I
-></SPAN
></P
><P
>Examples: <B
@@ -17716,12 +17308,9 @@ NAME="SPNEGO"
><P
> This variable controls controls whether samba will try to use Simple and Protected NEGOciation (as specified by rfc2478) with WindowsXP and Windows2000sp2 clients to agree upon an authentication mechanism. As of samba 3.0alpha it must be set to "no" for these clients to join a samba domain controller. It can be set to "yes" to allow samba to participate in an AD domain controlled by a Windows2000 domain controller.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>use spnego = yes</I
-></SPAN
></P
></DD
><DT
@@ -18227,12 +17816,9 @@ CLASS="PARAMETER"
>passwd
program</I
></TT
->parameter is called <SPAN
-CLASS="emphasis"
-><I
+>parameter is called <I
CLASS="EMPHASIS"
>AS ROOT</I
-></SPAN
> -
to allow the new UNIX password to be set without access to the
old UNIX password (as the SMB password change code has no
@@ -18350,14 +17936,11 @@ CLASS="COMMAND"
>If this parameter is enabled for a printer, then any attempt
to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped
to PRINTER_ACCESS_USE instead. Thus allowing the OpenPrinterEx()
- call to succeed. <SPAN
-CLASS="emphasis"
-><I
+ call to succeed. <I
CLASS="EMPHASIS"
>This parameter MUST not be able enabled
on a print share which has valid print driver installed on the Samba
server.</I
-></SPAN
></P
><P
>See also <A
@@ -18413,12 +17996,9 @@ CLASS="FILENAME"
will be read to find the names of hosts and users who will be allowed
access without specifying a password.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOTE:</I
-></SPAN
> The use of <TT
CLASS="PARAMETER"
><I
@@ -18563,7 +18143,7 @@ HREF="#AEN238"
>Default: <B
CLASS="COMMAND"
>The guest account if a guest service,
- else &lt;empty string&gt;.</B
+ else &#60;empty string&#62;.</B
></P
><P
>Examples:<B
@@ -18700,11 +18280,20 @@ CLASS="COMMAND"
'!' to tell Samba to stop processing if it gets a match on
that line.</P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> !sys = mary fred
guest = *
</PRE
+></TD
+></TR
+></TABLE
></P
><P
>Note that the remapping is applied to all occurrences
@@ -18741,12 +18330,9 @@ CLASS="PARAMETER"
trouble deleting print jobs as PrintManager under WfWg will think
they don't own the print job.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no username map</I
-></SPAN
></P
><P
>Example: <B
@@ -18848,12 +18434,9 @@ CLASS="FILENAME"
>/var/run/utmp</TT
> on Linux).</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no utmp directory</I
-></SPAN
></P
><P
>Example: <B
@@ -18894,12 +18477,9 @@ CLASS="FILENAME"
>/var/run/wtmp</TT
> on Linux).</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>no wtmp directory</I
-></SPAN
></P
><P
>Example: <B
@@ -18952,13 +18532,10 @@ CLASS="PARAMETER"
></A
></P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>No valid users list (anyone can login)
</I
-></SPAN
></P
><P
>Example: <B
@@ -18980,12 +18557,9 @@ NAME="VETOFILES"
or directories as in DOS wildcards.</P
><P
>Each entry must be a unix path, not a DOS path and
- must <SPAN
-CLASS="emphasis"
-><I
+ must <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> include the unix directory
separator '/'.</P
><P
@@ -19001,12 +18575,9 @@ CLASS="PARAMETER"
is important to be aware of is Samba's behaviour when
trying to delete a directory. If a directory that is
to be deleted contains nothing but veto files this
- deletion will <SPAN
-CLASS="emphasis"
-><I
+ deletion will <I
CLASS="EMPHASIS"
>fail</I
-></SPAN
> unless you also set
the <TT
CLASS="PARAMETER"
@@ -19044,16 +18615,19 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>No files or directories are vetoed.
</I
-></SPAN
></P
><P
->Examples:<PRE
+>Examples:<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
CLASS="PROGRAMLISTING"
>; Veto any files containing the word Security,
; any ending in .tmp, and any directory containing the
@@ -19063,6 +18637,9 @@ veto files = /*Security*/*.tmp/*root*/
; Veto the Apple specific files that a NetAtalk server
; creates.
veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/</PRE
+></TD
+></TR
+></TABLE
></P
></DD
><DT
@@ -19095,13 +18672,10 @@ CLASS="PARAMETER"
>
parameter.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>No files are vetoed for oplock
grants</I
-></SPAN
></P
><P
>You might want to do this on files that you know will
@@ -19153,18 +18727,14 @@ NAME="VFSOBJECT"
>vfs object (S)</DT
><DD
><P
->This parameter specifies a shared object file that
- is used for Samba VFS I/O operations. By default, normal
+>This parameter specifies a shared object files that
+ are used for Samba VFS I/O operations. By default, normal
disk I/O operations are used but these can be overloaded
- with a VFS object. The Samba VFS layer is new to Samba 2.2 and
- must be enabled at compile time with --with-vfs.</P
+ with one or more VFS objects. </P
><P
->Default : <SPAN
-CLASS="emphasis"
-><I
+>Default : <I
CLASS="EMPHASIS"
>no value</I
-></SPAN
></P
></DD
><DT
@@ -19175,9 +18745,8 @@ NAME="VFSOPTIONS"
><DD
><P
>This parameter allows parameters to be passed
- to the vfs layer at initialization time. The Samba VFS layer
- is new to Samba 2.2 and must be enabled at compile time
- with --with-vfs. See also <A
+ to the vfs layer at initialization time.
+ See also <A
HREF="#VFSOBJECT"
><TT
CLASS="PARAMETER"
@@ -19187,12 +18756,9 @@ CLASS="PARAMETER"
></A
>.</P
><P
->Default : <SPAN
-CLASS="emphasis"
-><I
+>Default : <I
CLASS="EMPHASIS"
>no value</I
-></SPAN
></P
></DD
><DT
@@ -19206,12 +18772,9 @@ NAME="VOLUME"
returned for a share. Useful for CDROMs with installation programs
that insist on a particular volume label.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>the name of the share</I
-></SPAN
></P
></DD
><DT
@@ -19298,12 +18861,9 @@ CLASS="COMMAND"
> system call
will not return any data. </P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Warning:</I
-></SPAN
> Turning off user
enumeration may cause some programs to behave oddly. For
example, the finger program relies on having access to the
@@ -19356,12 +18916,9 @@ CLASS="COMMAND"
> system
call will not return any data. </P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Warning:</I
-></SPAN
> Turning off group
enumeration may cause some programs to behave oddly.
</P
@@ -19390,7 +18947,7 @@ TARGET="_top"
><P
>Default: <B
CLASS="COMMAND"
->winbind gid = &lt;empty string&gt;
+>winbind gid = &#60;empty string&#62;
</B
></P
><P
@@ -19461,7 +19018,7 @@ TARGET="_top"
><P
>Default: <B
CLASS="COMMAND"
->winbind uid = &lt;empty string&gt;
+>winbind uid = &#60;empty string&#62;
</B
></P
><P
@@ -19489,7 +19046,7 @@ TARGET="_top"
><P
>Default: <B
CLASS="COMMAND"
->winbind use default domain = &lt;no&gt;
+>winbind use default domain = &#60;no&#62;
</B
></P
><P
@@ -19604,12 +19161,9 @@ TARGET="_top"
>You should point this at your WINS server if you have a
multi-subnetted network.</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>NOTE</I
-></SPAN
>. You need to set up Samba to point
to a WINS server if you have multiple subnets and wish cross-subnet
browsing to work correctly.</P
@@ -19620,12 +19174,9 @@ CLASS="FILENAME"
>
in the docs/ directory of your Samba source distribution.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>not enabled</I
-></SPAN
></P
><P
>Example: <B
@@ -19654,12 +19205,9 @@ CLASS="CONSTANT"
CLASS="COMMAND"
>nmbd</B
> to be your WINS server.
- Note that you should <SPAN
-CLASS="emphasis"
-><I
+ Note that you should <I
CLASS="EMPHASIS"
>NEVER</I
-></SPAN
> set this to <TT
CLASS="CONSTANT"
>yes</TT
@@ -19689,12 +19237,9 @@ CLASS="COMMAND"
>
setting.</P
><P
->Default: <SPAN
-CLASS="emphasis"
-><I
+>Default: <I
CLASS="EMPHASIS"
>set at compile time to WORKGROUP</I
-></SPAN
></P
><P
>Example: <B
@@ -19728,12 +19273,9 @@ NAME="WRITECACHESIZE"
><P
>If this integer parameter is set to non-zero value,
Samba will create an in-memory cache for each oplocked file
- (it does <SPAN
-CLASS="emphasis"
-><I
+ (it does <I
CLASS="EMPHASIS"
>not</I
-></SPAN
> do this for
non-oplocked files). All writes that the client does not request
to be flushed directly to disk will be stored in this cache if possible.
@@ -19800,7 +19342,7 @@ CLASS="PARAMETER"
><P
>Default: <B
CLASS="COMMAND"
->write list = &lt;empty string&gt;
+>write list = &#60;empty string&#62;
</B
></P
><P
@@ -19890,7 +19432,7 @@ CLASS="PARAMETER"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN6150"
+NAME="AEN6147"
></A
><H2
>WARNINGS</H2
@@ -19920,7 +19462,7 @@ TARGET="_top"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN6156"
+NAME="AEN6153"
></A
><H2
>VERSION</H2
@@ -19931,7 +19473,7 @@ NAME="AEN6156"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN6159"
+NAME="AEN6156"
></A
><H2
>SEE ALSO</H2
@@ -20010,7 +19552,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN6179"
+NAME="AEN6176"
></A
><H2
>AUTHOR</H2
diff --git a/docs/htmldocs/smbd.8.html b/docs/htmldocs/smbd.8.html
index 22340139ed..ff0abc2bd1 100644
--- a/docs/htmldocs/smbd.8.html
+++ b/docs/htmldocs/smbd.8.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>smbd</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="SMBD"
-></A
->smbd</H1
+NAME="SMBD">smbd</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -29,20 +28,18 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>smbd</B
-> [-D] [-a] [-i] [-o] [-P] [-h] [-V] [-b] [-d &lt;debug level&gt;] [-l &lt;log directory&gt;] [-p &lt;port number&gt;] [-O &lt;socket option&gt;] [-s &lt;configuration file&gt;]</P
+> [-D] [-i] [-h] [-V] [-b] [-d &#60;debug level&#62;] [-l &#60;log directory&#62;] [-p &#60;port number&#62;] [-O &#60;socket option&#62;] [-s &#60;configuration file&#62;]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN24"
+NAME="AEN21"
></A
><H2
>DESCRIPTION</H2
@@ -107,7 +104,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN38"
+NAME="AEN35"
></A
><H2
>OPTIONS</H2
@@ -137,14 +134,6 @@ CLASS="COMMAND"
</P
></DD
><DT
->-a</DT
-><DD
-><P
->If this parameter is specified, each new
- connection will append log messages to the log file.
- This is the default.</P
-></DD
-><DT
>-i</DT
><DD
><P
@@ -156,29 +145,6 @@ CLASS="COMMAND"
</P
></DD
><DT
->-o</DT
-><DD
-><P
->If this parameter is specified, the
- log files will be overwritten when opened. By default,
- <B
-CLASS="COMMAND"
->smbd</B
-> will append entries to the log
- files.</P
-></DD
-><DT
->-P</DT
-><DD
-><P
->Passive option. Causes <B
-CLASS="COMMAND"
->smbd</B
-> not to
- send any network traffic out. Used for debugging by
- the developers only.</P
-></DD
-><DT
>-h</DT
><DD
><P
@@ -189,7 +155,7 @@ CLASS="COMMAND"
>.</P
></DD
><DT
->-v</DT
+>-V</DT
><DD
><P
>Prints the version number for
@@ -206,7 +172,7 @@ CLASS="COMMAND"
Samba was built.</P
></DD
><DT
->-d &lt;debug level&gt;</DT
+>-d &#60;debug level&#62;</DT
><DD
><P
><TT
@@ -247,7 +213,7 @@ CLASS="FILENAME"
> file.</P
></DD
><DT
->-l &lt;log directory&gt;</DT
+>-l &#60;log directory&#62;</DT
><DD
><P
>If specified,
@@ -273,12 +239,9 @@ TARGET="_top"
CLASS="FILENAME"
> smb.conf(5)</TT
></A
-> file. <SPAN
-CLASS="emphasis"
-><I
+> file. <I
CLASS="EMPHASIS"
>Beware:</I
-></SPAN
>
If the directory specified does not exist, <B
CLASS="COMMAND"
@@ -291,7 +254,7 @@ CLASS="COMMAND"
compile time.</P
></DD
><DT
->-O &lt;socket options&gt;</DT
+>-O &#60;socket options&#62;</DT
><DD
><P
>See the <A
@@ -310,7 +273,7 @@ CLASS="FILENAME"
> file for details.</P
></DD
><DT
->-p &lt;port number&gt;</DT
+>-p &#60;port number&#62;</DT
><DD
><P
><TT
@@ -341,7 +304,7 @@ CLASS="REPLACEABLE"
in the above situation.</P
></DD
><DT
->-s &lt;configuration file&gt;</DT
+>-s &#60;configuration file&#62;</DT
><DD
><P
>The file specified contains the
@@ -366,7 +329,7 @@ CLASS="FILENAME"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN122"
+NAME="AEN105"
></A
><H2
>FILES</H2
@@ -478,7 +441,7 @@ CLASS="FILENAME"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN158"
+NAME="AEN141"
></A
><H2
>LIMITATIONS</H2
@@ -497,7 +460,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN162"
+NAME="AEN145"
></A
><H2
>ENVIRONMENT VARIABLES</H2
@@ -528,7 +491,7 @@ CLASS="CONSTANT"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN171"
+NAME="AEN154"
></A
><H2
>PAM INTERACTION</H2
@@ -549,13 +512,10 @@ TARGET="_top"
><UL
><LI
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Account Validation</I
-></SPAN
->: All acccesses to a
+>: All accesses to a
samba server are checked
against PAM to see if the account is vaild, not disabled and is permitted to
login at this time. This also applies to encrypted logins.
@@ -563,12 +523,9 @@ CLASS="EMPHASIS"
></LI
><LI
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Session Management</I
-></SPAN
>: When not using share
level secuirty, users must pass PAM's session checks before access
is granted. Note however, that this is bypassed in share level secuirty.
@@ -581,18 +538,18 @@ CLASS="EMPHASIS"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN182"
+NAME="AEN165"
></A
><H2
>VERSION</H2
><P
->This man page is correct for version 2.2 of
+>This man page is correct for version 3.0 of
the Samba suite.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN185"
+NAME="AEN168"
></A
><H2
>DIAGNOSTICS</H2
@@ -615,7 +572,7 @@ NAME="AEN185"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN190"
+NAME="AEN173"
></A
><H2
>SIGNALS</H2
@@ -637,12 +594,9 @@ CLASS="COMMAND"
that <B
CLASS="COMMAND"
>SIGKILL (-9)</B
-> <SPAN
-CLASS="emphasis"
-><I
+> <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
>
be used, except as a last resort, as this may leave the shared
memory area in an inconsistent state. The safe way to terminate
@@ -684,7 +638,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN207"
+NAME="AEN190"
></A
><H2
>SEE ALSO</H2
@@ -750,7 +704,7 @@ TARGET="_top"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN224"
+NAME="AEN207"
></A
><H2
>AUTHOR</H2
diff --git a/docs/htmldocs/smbpasswd.8.html b/docs/htmldocs/smbpasswd.8.html
index fa7b4b2520..da3cb9f601 100644
--- a/docs/htmldocs/smbpasswd.8.html
+++ b/docs/htmldocs/smbpasswd.8.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>smbpasswd</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="SMBPASSWD"
-></A
->smbpasswd</H1
+NAME="SMBPASSWD">smbpasswd</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -29,20 +28,18 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>smbpasswd</B
-> [-a] [-x] [-d] [-e] [-D debuglevel] [-n] [-r &lt;remote machine&gt;] [-R &lt;name resolve order&gt;] [-m] [-U username[%password]] [-h] [-s] [-w pass] [username]</P
+> [-a] [-x] [-d] [-e] [-D debuglevel] [-n] [-r &#60;remote machine&#62;] [-R &#60;name resolve order&#62;] [-m] [-U username[%password]] [-h] [-s] [-w pass] [-i] [-L] [username]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN25"
+NAME="AEN27"
></A
><H2
>DESCRIPTION</H2
@@ -54,12 +51,9 @@ TARGET="_top"
> suite.</P
><P
>The smbpasswd program has several different
- functions, depending on whether it is run by the <SPAN
-CLASS="emphasis"
-><I
+ functions, depending on whether it is run by the <I
CLASS="EMPHASIS"
>root</I
-></SPAN
>
user or not. When run as a normal user it allows the user to change
the password used for their SMB sessions on any machines that store
@@ -75,12 +69,9 @@ CLASS="COMMAND"
CLASS="COMMAND"
>smbpasswd</B
> differs from how the passwd program works
- however in that it is not <SPAN
-CLASS="emphasis"
-><I
+ however in that it is not <I
CLASS="EMPHASIS"
>setuid root</I
-></SPAN
> but works in
a client-server mode and communicates with a locally running
<B
@@ -100,7 +91,7 @@ CLASS="FILENAME"
was typed correctly. No passwords will be echoed on the screen
whilst being typed. If you have a blank SMB password (specified by
the string "NO PASSWORD" in the smbpasswd file) then just press
- the &lt;Enter&gt; key when asked for your old password. </P
+ the &#60;Enter&#62; key when asked for your old password. </P
><P
>smbpasswd can also be used by a normal user to change their
SMB password on remote machines, such as Windows NT Primary Domain
@@ -119,7 +110,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN41"
+NAME="AEN43"
></A
><H2
>OPTIONS</H2
@@ -134,7 +125,7 @@ CLASS="VARIABLELIST"
><P
>This option specifies that the username
following should be added to the local smbpasswd file, with the
- new password typed (type &lt;Enter&gt; for the old password). This
+ new password typed (type &#60;Enter&#62; for the old password). This
option is ignored if the username following already exists in
the smbpasswd file and it is treated like a regular change
password command. Note that the default passdb backends require
@@ -303,12 +294,9 @@ CLASS="PARAMETER"
copy of the user account database and will not allow the password
change).</P
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>Note</I
-></SPAN
> that Windows 95/98 do not have
a real password database so it is not possible to change passwords
specifying a Win95/98 machine as remote machine target. </P
@@ -499,16 +487,31 @@ CLASS="PARAMETER"
</P
></DD
><DT
+>-i</DT
+><DD
+><P
+>This option tells smbpasswd that the account
+ being changed is an interdomain trust account. Currently this is used
+ when Samba is being used as an NT Primary Domain Controller.
+ The account contains the info about another trusted domain.</P
+><P
+>This option is only available when running smbpasswd as root.
+ </P
+></DD
+><DT
+>-L</DT
+><DD
+><P
+>Run in local mode.</P
+></DD
+><DT
>username</DT
><DD
><P
>This specifies the username for all of the
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>root only</I
-></SPAN
> options to operate on. Only root
can specify this parameter as only root has the permission needed
to modify attributes directly in the local smbpasswd file.
@@ -520,7 +523,7 @@ CLASS="EMPHASIS"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN162"
+NAME="AEN173"
></A
><H2
>NOTES</H2
@@ -563,7 +566,7 @@ CLASS="FILENAME"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN172"
+NAME="AEN183"
></A
><H2
>VERSION</H2
@@ -574,7 +577,7 @@ NAME="AEN172"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN175"
+NAME="AEN186"
></A
><H2
>SEE ALSO</H2
@@ -597,7 +600,7 @@ TARGET="_top"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN181"
+NAME="AEN192"
></A
><H2
>AUTHOR</H2
diff --git a/docs/htmldocs/smbsh.1.html b/docs/htmldocs/smbsh.1.html
index 72dbda5418..bab2b45cdd 100644
--- a/docs/htmldocs/smbsh.1.html
+++ b/docs/htmldocs/smbsh.1.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>smbsh</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="SMBSH"
-></A
->smbsh</H1
+NAME="SMBSH">smbsh</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -30,15 +29,13 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>smbsh</B
-> [-W workgroup] [-U username] [-P prefix] [-R &lt;name resolve order&gt;] [-d &lt;debug level&gt;] [-l logfile] [-L libdir]</P
+> [-W workgroup] [-U username] [-P prefix] [-R &#60;name resolve order&#62;] [-d &#60;debug level&#62;] [-l logfile] [-L libdir]</P
></DIV
><DIV
CLASS="REFSECT1"
@@ -115,17 +112,14 @@ CLASS="FILENAME"
>This option allows
the user to set the directory prefix for SMB access. The
default value if this option is not specified is
- <SPAN
-CLASS="emphasis"
-><I
+ <I
CLASS="EMPHASIS"
>smb</I
-></SPAN
>.
</P
></DD
><DT
->-R &lt;name resolve order&gt;</DT
+>-R &#60;name resolve order&#62;</DT
><DD
><P
>This option is used to determine what naming
@@ -236,7 +230,7 @@ CLASS="FILENAME"
order. </P
></DD
><DT
->-d &lt;debug level&gt;</DT
+>-d &#60;debug level&#62;</DT
><DD
><P
>debug level is an integer from 0 to 10.</P
@@ -305,6 +299,12 @@ CLASS="COMMAND"
that authenticates you to the machine running the Windows NT
operating system.</P
><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
><PRE
CLASS="PROGRAMLISTING"
> <TT
@@ -335,6 +335,9 @@ CLASS="USERINPUT"
></TT
>
</PRE
+></TD
+></TR
+></TABLE
></P
><P
>Any dynamically linked command you execute from
@@ -354,7 +357,7 @@ CLASS="COMMAND"
the workgroup MYGROUP. The command
<B
CLASS="COMMAND"
->ls /smb/MYGROUP/&lt;machine-name&gt;</B
+>ls /smb/MYGROUP/&#60;machine-name&#62;</B
> will show the share
names for that machine. You could then, for example, use the <B
CLASS="COMMAND"
@@ -376,7 +379,7 @@ NAME="AEN112"
><H2
>VERSION</H2
><P
->This man page is correct for version 2.2 of
+>This man page is correct for version 3.0 of
the Samba suite.</P
></DIV
><DIV
diff --git a/docs/htmldocs/testparm.1.html b/docs/htmldocs/testparm.1.html
index 0fc94cd880..baf11bacac 100644
--- a/docs/htmldocs/testparm.1.html
+++ b/docs/htmldocs/testparm.1.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>testparm</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="TESTPARM"
-></A
->testparm</H1
+NAME="TESTPARM">testparm</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -30,20 +29,18 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>testparm</B
-> [-s] [-h] [-v] [-L &lt;servername&gt;] {config filename} [hostname hostIP]</P
+> [-s] [-h] [-v] [-L &#60;servername&#62;] [-t &#60;encoding&#62;] {config filename} [hostname hostIP]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN17"
+NAME="AEN18"
></A
><H2
>DESCRIPTION</H2
@@ -69,12 +66,9 @@ CLASS="COMMAND"
</B
> will successfully load the configuration file.</P
><P
->Note that this is <SPAN
-CLASS="emphasis"
-><I
+>Note that this is <I
CLASS="EMPHASIS"
>NOT</I
-></SPAN
> a guarantee that
the services specified in the configuration file will be
available or will operate as expected. </P
@@ -100,7 +94,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN32"
+NAME="AEN33"
></A
><H2
>OPTIONS</H2
@@ -152,6 +146,13 @@ CLASS="FILENAME"
their defaults.</P
></DD
><DT
+>-t encoding</DT
+><DD
+><P
+> Output data in specified encoding.
+ </P
+></DD
+><DT
>configfilename</DT
><DD
><P
@@ -209,7 +210,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN72"
+NAME="AEN77"
></A
><H2
>FILES</H2
@@ -238,7 +239,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN81"
+NAME="AEN86"
></A
><H2
>DIAGNOSTICS</H2
@@ -252,18 +253,18 @@ NAME="AEN81"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN84"
+NAME="AEN89"
></A
><H2
>VERSION</H2
><P
->This man page is correct for version 2.2 of
+>This man page is correct for version 3.0 of
the Samba suite.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN87"
+NAME="AEN92"
></A
><H2
>SEE ALSO</H2
@@ -289,7 +290,7 @@ CLASS="COMMAND"
><DIV
CLASS="REFSECT1"
><A
-NAME="AEN94"
+NAME="AEN99"
></A
><H2
>AUTHOR</H2
diff --git a/docs/htmldocs/vfstest.1.html b/docs/htmldocs/vfstest.1.html
index 3db7ff3d97..1fd7880805 100644
--- a/docs/htmldocs/vfstest.1.html
+++ b/docs/htmldocs/vfstest.1.html
@@ -1,11 +1,12 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>vfstest</TITLE
><META
NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
+CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
+"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
@@ -15,9 +16,7 @@ VLINK="#840084"
ALINK="#0000FF"
><H1
><A
-NAME="VFSTEST"
-></A
->vfstest</H1
+NAME="VFSTEST">vfstest</H1
><DIV
CLASS="REFNAMEDIV"
><A
@@ -29,15 +28,13 @@ NAME="AEN5"
><DIV
CLASS="REFSYNOPSISDIV"
><A
-NAME="AEN8"
-></A
-><H2
+NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>vfstest</B
-> [-d debuglevel] [-c command] [-l logfile] [-h]</P
+> [-d debuglevel] [-c command] [-l logfile] [-h]</P
></DIV
><DIV
CLASS="REFSECT1"
@@ -78,7 +75,7 @@ CLASS="VARIABLELIST"
>-c|--command=command</DT
><DD
><P
->Execute the specified (colon-seperated) commands.
+>Execute the specified (colon-separated) commands.
See below for the commands that are available.
</P
></DD
@@ -152,12 +149,9 @@ NAME="AEN48"
><H2
>COMMANDS</H2
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>VFS COMMANDS</I
-></SPAN
></P
><P
></P
@@ -166,14 +160,14 @@ CLASS="EMPHASIS"
><P
><B
CLASS="COMMAND"
->load &lt;module.so&gt;</B
+>load &#60;module.so&#62;</B
> - Load specified VFS module </P
></LI
><LI
><P
><B
CLASS="COMMAND"
->populate &lt;char&gt; &lt;size&gt;</B
+>populate &#60;char&#62; &#60;size&#62;</B
> - Populate a data buffer with the specified data
</P
></LI
@@ -181,7 +175,7 @@ CLASS="COMMAND"
><P
><B
CLASS="COMMAND"
->showdata [&lt;offset&gt; &lt;len&gt;]</B
+>showdata [&#60;offset&#62; &#60;len&#62;]</B
> - Show data currently in data buffer
</P
></LI
@@ -418,12 +412,9 @@ CLASS="COMMAND"
></LI
></UL
><P
-><SPAN
-CLASS="emphasis"
><I
CLASS="EMPHASIS"
>GENERAL COMMANDS</I
-></SPAN
></P
><P
></P
@@ -432,21 +423,21 @@ CLASS="EMPHASIS"
><P
><B
CLASS="COMMAND"
->conf &lt;smb.conf&gt;</B
+>conf &#60;smb.conf&#62;</B
> - Load a different configuration file</P
></LI
><LI
><P
><B
CLASS="COMMAND"
->help [&lt;command&gt;]</B
+>help [&#60;command&#62;]</B
> - Get list of commands or info about specified command</P
></LI
><LI
><P
><B
CLASS="COMMAND"
->debuglevel &lt;level&gt;</B
+>debuglevel &#60;level&#62;</B
> - Set debug level</P
></LI
><LI
diff --git a/docs/manpages/pdbedit.8 b/docs/manpages/pdbedit.8
index b3c1f72c33..278bc2727a 100644
--- a/docs/manpages/pdbedit.8
+++ b/docs/manpages/pdbedit.8
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "PDBEDIT" "8" "05 November 2002" "" ""
+.TH "PDBEDIT" "8" "26 November 2002" "" ""
.SH NAME
pdbedit \- manage the SAM database
.SH SYNOPSIS
diff --git a/docs/manpages/smb.conf.5 b/docs/manpages/smb.conf.5
index 9afba79ef4..a9cf133c8d 100644
--- a/docs/manpages/smb.conf.5
+++ b/docs/manpages/smb.conf.5
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "SMB.CONF" "5" "05 November 2002" "" ""
+.TH "SMB.CONF" "5" "26 November 2002" "" ""
.SH NAME
smb.conf \- The configuration file for the Samba suite
.SH "SYNOPSIS"
@@ -1751,7 +1751,7 @@ Default: \fBavailable = yes\fR
.TP
\fBbind interfaces only (G)\fR
This global parameter allows the Samba admin
-to limit what interfaces on a machine will serve SMB requests. If
+to limit what interfaces on a machine will serve SMB requests. It
affects file service smbd(8) and
name service nmbd(8) in slightly
different ways.
@@ -1770,7 +1770,7 @@ As unicast packets are received on the other sockets it allows
\fBnmbd\fR to refuse to serve names to machines that
send packets that arrive through any interfaces not listed in the
\fIinterfaces\fR list. IP Source address spoofing
-does defeat this simple check, however so it must not be used
+does defeat this simple check, however, so it must not be used
seriously as a security feature for \fBnmbd\fR.
For file service it causes smbd(8)
@@ -2489,7 +2489,7 @@ Default: \fBdns proxy = yes\fR
.TP
\fBdomain logons (G)\fR
If set to yes, the Samba server will serve
-Windows 95/98 Domain logons for the \fIworkgroup\fR it is in. Samba 2.2 also
+Windows 95/98 Domain logons for the \fIworkgroup\fR it is in. Samba 2.2
has limited capability to act as a domain controller for Windows
NT 4 Domains. For more details on setting up this feature see
the Samba-PDC-HOWTO included in the \fIhtmldocs/\fR
@@ -3633,7 +3633,7 @@ Example: \fBlog file = /usr/local/samba/var/log.%m
The value of the parameter (a astring) allows
the debug level (logging level) to be specified in the
\fIsmb.conf\fR file. This parameter has been
-extended since 2.2.x series, now it allow to specify the debug
+extended since the 2.2.x series, now it allow to specify the debug
level for multiple debug classes. This is to give greater
flexibility in the configuration of the system.
@@ -4862,7 +4862,7 @@ Default: \fBparanoid server security = yes\fR
\fBpassdb backend (G)\fR
This option allows the administrator to chose which backends to retrieve and store passwords with. This allows (for example) both
smbpasswd and tdbsam to be used without a recompile.
-Multiple backends can be specified, seperated by spaces. The backends will be searched in the order they are specified. New users are always added to the first backend specified.
+Multiple backends can be specified, separated by spaces. The backends will be searched in the order they are specified. New users are always added to the first backend specified.
Experimental backends must still be selected
(eg --with-tdbsam) at configure time.
@@ -4906,9 +4906,8 @@ backend. Takes an LDAP URL as an optional argument (defaults to
backend, with non unix account support. Takes an LDAP URL as an optional argument (defaults to
\fBldap://localhost\fR)
-Note: In this module, any account
-without a matching POSIX account is regarded
-as 'non unix'.
+Note: In this module, any account without a matching POSIX account is regarded
+as 'non unix'.
See also \fInon unix account
range\fR
@@ -5145,6 +5144,12 @@ doing a query for the name WORKGROUP<1C>
and then contacting each server returned in the list of IP
addresses from the name resolution source.
+If the list of servers contains both names and the '*'
+character, the list is treated as a list of preferred
+domain controllers, but an auto lookup of all remaining DC's
+will be added to the list as well. Samba will not attempt to optimize
+this list by locating the closest DC.
+
If the \fIsecurity\fR parameter is
set to server, then there are different
restrictions that \fBsecurity = domain\fR doesn't
@@ -5172,7 +5177,7 @@ See also the \fIsecurity
Default: \fBpassword server = <empty string>\fR
-Example: \fBpassword server = NT-PDC, NT-BDC1, NT-BDC2
+Example: \fBpassword server = NT-PDC, NT-BDC1, NT-BDC2, *
\fR
Example: \fBpassword server = *\fR
@@ -5819,30 +5824,12 @@ Default: \fBremote browse sync = <empty string>
\fR
.TP
\fBrestrict anonymous (G)\fR
-This is a boolean parameter. If it is yes, then
-anonymous access to the server will be restricted, namely in the
-case where the server is expecting the client to send a username,
-but it doesn't. Setting it to yes will force these anonymous
-connections to be denied, and the client will be required to always
-supply a username and password when connecting. Use of this parameter
-is only recommended for homogeneous NT client environments.
-
-This parameter makes the use of macro expansions that rely
-on the username (%U, %G, etc) consistent. NT 4.0
-likes to use anonymous connections when refreshing the share list,
-and this is a way to work around that.
-
-When restrict anonymous is yes, all anonymous connections
-are denied no matter what they are for. This can effect the ability
-of a machine to access the Samba Primary Domain Controller to revalidate
-its machine account after someone else has logged on the client
-interactively. The NT client will display a message saying that
-the machine's account in the domain doesn't exist or the password is
-bad. The best way to deal with this is to reboot NT client machines
-between interactive logons, using "Shutdown and Restart", rather
-than "Close all programs and logon as a different user".
-
-Default: \fBrestrict anonymous = no\fR
+This is a integer parameter, and
+mirrors as much as possible the functinality the
+RestrictAnonymous
+registry key does on NT/Win2k.
+
+Default: \fBrestrict anonymous = 0\fR
.TP
\fBroot (G)\fR
Synonym for \fIroot directory"\fR.
@@ -7051,19 +7038,17 @@ Default: \fBvfs path = \fR
Example: \fBvfs path = /usr/lib/samba/vfs\fR
.TP
\fBvfs object (S)\fR
-This parameter specifies a shared object file that
-is used for Samba VFS I/O operations. By default, normal
+This parameter specifies a shared object files that
+are used for Samba VFS I/O operations. By default, normal
disk I/O operations are used but these can be overloaded
-with a VFS object. The Samba VFS layer is new to Samba 2.2 and
-must be enabled at compile time with --with-vfs.
+with one or more VFS objects.
Default : \fBno value\fR
.TP
\fBvfs options (S)\fR
This parameter allows parameters to be passed
-to the vfs layer at initialization time. The Samba VFS layer
-is new to Samba 2.2 and must be enabled at compile time
-with --with-vfs. See also \fI vfs object\fR.
+to the vfs layer at initialization time.
+See also \fI vfs object\fR.
Default : \fBno value\fR
.TP
diff --git a/docs/manpages/smbd.8 b/docs/manpages/smbd.8
index 5d1f6bc46e..3e350f80e9 100644
--- a/docs/manpages/smbd.8
+++ b/docs/manpages/smbd.8
@@ -3,12 +3,12 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "SMBD" "8" "05 November 2002" "" ""
+.TH "SMBD" "8" "26 November 2002" "" ""
.SH NAME
smbd \- server to provide SMB/CIFS services to clients
.SH SYNOPSIS
-\fBsmbd\fR [ \fB-D\fR ] [ \fB-a\fR ] [ \fB-i\fR ] [ \fB-o\fR ] [ \fB-P\fR ] [ \fB-h\fR ] [ \fB-V\fR ] [ \fB-b\fR ] [ \fB-d <debug level>\fR ] [ \fB-l <log directory>\fR ] [ \fB-p <port number>\fR ] [ \fB-O <socket option>\fR ] [ \fB-s <configuration file>\fR ]
+\fBsmbd\fR [ \fB-D\fR ] [ \fB-i\fR ] [ \fB-h\fR ] [ \fB-V\fR ] [ \fB-b\fR ] [ \fB-d <debug level>\fR ] [ \fB-l <log directory>\fR ] [ \fB-p <port number>\fR ] [ \fB-O <socket option>\fR ] [ \fB-s <configuration file>\fR ]
.SH "DESCRIPTION"
.PP
@@ -60,11 +60,6 @@ servers that provide more than casual use file and
print services. This switch is assumed if \fBsmbd
\fR is executed on the command line of a shell.
.TP
-\fB-a\fR
-If this parameter is specified, each new
-connection will append log messages to the log file.
-This is the default.
-.TP
\fB-i\fR
If this parameter is specified it causes the
server to run "interactively", not as a daemon, even if the
@@ -72,22 +67,11 @@ server is executed on the command line of a shell. Setting this
parameter negates the implicit deamon mode when run from the
command line.
.TP
-\fB-o\fR
-If this parameter is specified, the
-log files will be overwritten when opened. By default,
-\fBsmbd\fR will append entries to the log
-files.
-.TP
-\fB-P\fR
-Passive option. Causes \fBsmbd\fR not to
-send any network traffic out. Used for debugging by
-the developers only.
-.TP
\fB-h\fR
Prints the help information (usage)
for \fBsmbd\fR.
.TP
-\fB-v\fR
+\fB-V\fR
Prints the version number for
\fBsmbd\fR.
.TP
@@ -231,7 +215,7 @@ obey pam restricions
smb.conf paramater. When this is set, the following restrictions apply:
.TP 0.2i
\(bu
-\fBAccount Validation\fR: All acccesses to a
+\fBAccount Validation\fR: All accesses to a
samba server are checked
against PAM to see if the account is vaild, not disabled and is permitted to
login at this time. This also applies to encrypted logins.
@@ -244,7 +228,7 @@ Note also that some older pam configuration files may need a line
added for session support.
.SH "VERSION"
.PP
-This man page is correct for version 2.2 of
+This man page is correct for version 3.0 of
the Samba suite.
.SH "DIAGNOSTICS"
.PP
diff --git a/docs/manpages/smbpasswd.8 b/docs/manpages/smbpasswd.8
index e0fe91afe1..ad933517be 100644
--- a/docs/manpages/smbpasswd.8
+++ b/docs/manpages/smbpasswd.8
@@ -3,12 +3,12 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "SMBPASSWD" "8" "05 November 2002" "" ""
+.TH "SMBPASSWD" "8" "26 November 2002" "" ""
.SH NAME
smbpasswd \- change a user's SMB password
.SH SYNOPSIS
-\fBsmbpasswd\fR [ \fB-a\fR ] [ \fB-x\fR ] [ \fB-d\fR ] [ \fB-e\fR ] [ \fB-D debuglevel\fR ] [ \fB-n\fR ] [ \fB-r <remote machine>\fR ] [ \fB-R <name resolve order>\fR ] [ \fB-m\fR ] [ \fB-U username[%password]\fR ] [ \fB-h\fR ] [ \fB-s\fR ] [ \fB-w pass\fR ] [ \fBusername\fR ]
+\fBsmbpasswd\fR [ \fB-a\fR ] [ \fB-x\fR ] [ \fB-d\fR ] [ \fB-e\fR ] [ \fB-D debuglevel\fR ] [ \fB-n\fR ] [ \fB-r <remote machine>\fR ] [ \fB-R <name resolve order>\fR ] [ \fB-m\fR ] [ \fB-U username[%password]\fR ] [ \fB-h\fR ] [ \fB-s\fR ] [ \fB-w pass\fR ] [ \fB-i\fR ] [ \fB-L\fR ] [ \fBusername\fR ]
.SH "DESCRIPTION"
.PP
@@ -240,6 +240,17 @@ of the admin's DN. This means that if the value of \fIldap
admin dn\fR ever changes, the password will need to be
manually updated as well.
.TP
+\fB-i\fR
+This option tells smbpasswd that the account
+being changed is an interdomain trust account. Currently this is used
+when Samba is being used as an NT Primary Domain Controller.
+The account contains the info about another trusted domain.
+
+This option is only available when running smbpasswd as root.
+.TP
+\fB-L\fR
+Run in local mode.
+.TP
\fBusername\fR
This specifies the username for all of the
\fBroot only\fR options to operate on. Only root
diff --git a/docs/manpages/smbsh.1 b/docs/manpages/smbsh.1
index 6aa70c470c..e9c1add9e9 100644
--- a/docs/manpages/smbsh.1
+++ b/docs/manpages/smbsh.1
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "SMBSH" "1" "05 November 2002" "" ""
+.TH "SMBSH" "1" "26 November 2002" "" ""
.SH NAME
smbsh \- Allows access to Windows NT filesystem using UNIX commands
.SH SYNOPSIS
@@ -138,7 +138,7 @@ names for that machine. You could then, for example, use the \fB cd\fR command t
edit files, and \fBrcp\fR to copy files.
.SH "VERSION"
.PP
-This man page is correct for version 2.2 of
+This man page is correct for version 3.0 of
the Samba suite.
.SH "BUGS"
.PP
diff --git a/docs/manpages/testparm.1 b/docs/manpages/testparm.1
index a519fd6930..555c28c46c 100644
--- a/docs/manpages/testparm.1
+++ b/docs/manpages/testparm.1
@@ -3,12 +3,12 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "TESTPARM" "1" "05 November 2002" "" ""
+.TH "TESTPARM" "1" "26 November 2002" "" ""
.SH NAME
testparm \- check an smb.conf configuration file for internal correctness
.SH SYNOPSIS
-\fBtestparm\fR [ \fB-s\fR ] [ \fB-h\fR ] [ \fB-v\fR ] [ \fB-L <servername>\fR ] \fBconfig filename\fR [ \fBhostname hostIP\fR ]
+\fBtestparm\fR [ \fB-s\fR ] [ \fB-h\fR ] [ \fB-v\fR ] [ \fB-L <servername>\fR ] [ \fB-t <encoding>\fR ] \fBconfig filename\fR [ \fBhostname hostIP\fR ]
.SH "DESCRIPTION"
.PP
@@ -53,6 +53,9 @@ will also output all options that were not used in
\fIsmb.conf\fR and are thus set to
their defaults.
.TP
+\fB-t encoding\fR
+Output data in specified encoding.
+.TP
\fBconfigfilename\fR
This is the name of the configuration file
to check. If this parameter is not present then the
@@ -86,7 +89,7 @@ loaded OK, the program then dumps all known service details
to stdout.
.SH "VERSION"
.PP
-This man page is correct for version 2.2 of
+This man page is correct for version 3.0 of
the Samba suite.
.SH "SEE ALSO"
.PP
diff --git a/docs/manpages/vfstest.1 b/docs/manpages/vfstest.1
index c4958e3dd4..ced1038112 100644
--- a/docs/manpages/vfstest.1
+++ b/docs/manpages/vfstest.1
@@ -3,7 +3,7 @@
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/>
.\" Please send any bug reports, improvements, comments, patches,
.\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "VFSTEST" "1" "05 November 2002" "" ""
+.TH "VFSTEST" "1" "26 November 2002" "" ""
.SH NAME
vfstest \- tool for testing samba VFS modules
.SH SYNOPSIS
@@ -21,7 +21,7 @@ supports cascaded VFS modules.
.SH "OPTIONS"
.TP
\fB-c|--command=command\fR
-Execute the specified (colon-seperated) commands.
+Execute the specified (colon-separated) commands.
See below for the commands that are available.
.TP
\fB-d|--debug=debuglevel\fR