diff options
Diffstat (limited to 'docs-xml/smbdotconf/security/passwordlevel.xml')
| -rw-r--r-- | docs-xml/smbdotconf/security/passwordlevel.xml | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/passwordlevel.xml b/docs-xml/smbdotconf/security/passwordlevel.xml new file mode 100644 index 0000000000..1da11e406b --- /dev/null +++ b/docs-xml/smbdotconf/security/passwordlevel.xml @@ -0,0 +1,48 @@ +<samba:parameter name="password level" + context="G" + type="integer" + advanced="1" developer="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>Some client/server combinations have difficulty + with mixed-case passwords. One offending client is Windows for + Workgroups, which for some reason forces passwords to upper + case when using the LANMAN1 protocol, but leaves them alone when + using COREPLUS! Another problem child is the Windows 95/98 + family of operating systems. These clients upper case clear + text passwords even when NT LM 0.12 selected by the protocol + negotiation request/response.</para> + + <para>This parameter defines the maximum number of characters + that may be upper case in passwords.</para> + + <para>For example, say the password given was "FRED". If <parameter moreinfo="none"> + password level</parameter> is set to 1, the following combinations + would be tried if "FRED" failed:</para> + + <para>"Fred", "fred", "fRed", "frEd","freD"</para> + + <para>If <parameter moreinfo="none">password level</parameter> was set to 2, + the following combinations would also be tried: </para> + + <para>"FRed", "FrEd", "FreD", "fREd", "fReD", "frED", ..</para> + + <para>And so on.</para> + + <para>The higher value this parameter is set to the more likely + it is that a mixed case password will be matched against a single + case password. However, you should be aware that use of this + parameter reduces security and increases the time taken to + process a new connection.</para> + + <para>A value of zero will cause only two attempts to be + made - the password as is and the password in all-lower case.</para> + + <para>This parameter is used only when using plain-text passwords. It is + not at all used when encrypted passwords as in use (that is the default + since samba-3.0.0). Use this only when <smbconfoption name="encrypt passwords">No</smbconfoption>.</para> +</description> + +<value type="default">0</value> +<value type="example">4</value> +</samba:parameter> |