diff options
Diffstat (limited to 'docs-xml')
23 files changed, 268 insertions, 28 deletions
diff --git a/docs-xml/archives/THANKS b/docs-xml/archives/THANKS index 789042f78e..37ecc99eeb 100644 --- a/docs-xml/archives/THANKS +++ b/docs-xml/archives/THANKS @@ -86,7 +86,7 @@ Tom Haapanen (tomh@metrics.com) consulting firm located in Waterloo, Ontario, Canada. We work with a variety of environments (such as Windows, Windows NT and Unix), tools and application areas, and can provide assistance for - development work ranging from a few days to to multiple man-year + development work ranging from a few days to multiple man-year projects. You can find more information at http://www.metrics.com/. diff --git a/docs-xml/manpages-3/ldbrename.1.xml b/docs-xml/manpages-3/ldbrename.1.xml new file mode 100644 index 0000000000..391ec84ccc --- /dev/null +++ b/docs-xml/manpages-3/ldbrename.1.xml @@ -0,0 +1,107 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> +<refentry id="ldbrename.1"> + +<refmeta> + <refentrytitle>ldbrename</refentrytitle> + <manvolnum>1</manvolnum> +</refmeta> + + +<refnamediv> + <refname>ldbrename</refname> + <refpurpose>Edit LDB databases using your favorite editor</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>ldbrename</command> + <arg choice="opt">-h</arg> + <arg choice="opt">-o options</arg> + <arg choice="req">olddn</arg> + <arg choice="req">newdb</arg> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>ldbrename is a utility that allows you to rename trees in + an LDB database based by DN. This utility takes + two arguments: the original + DN name of the top element and the DN to change it to. + </para> + +</refsect1> + + +<refsect1> + <title>OPTIONS</title> + + <variablelist> + <varlistentry> + <term>-h</term> + <listitem><para> + Show list of available options.</para></listitem> + </varlistentry> + + <varlistentry> + <term>-H <ldb-url></term> + <listitem><para> + LDB URL to connect to. See ldb(7) for details. + </para></listitem> + </varlistentry> + + <varlistentry> + <term>-o options</term> + <listitem><para>Extra ldb options, such as + modules.</para></listitem> + </varlistentry> + + </variablelist> + +</refsect1> + +<refsect1> + <title>ENVIRONMENT</title> + + <variablelist> + <varlistentry><term>LDB_URL</term> + <listitem><para>LDB URL to connect to (can be overrided by using the + -H command-line option.)</para></listitem> + </varlistentry> + </variablelist> + +</refsect1> + +<refsect1> + <title>VERSION</title> + + <para>This man page is correct for version 4.0 of the Samba suite.</para> +</refsect1> + +<refsect1> + <title>SEE ALSO</title> + + <para>ldb(7), ldbmodify, ldbdel, ldif(5)</para> + +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para> ldb was written by + <ulink url="http://samba.org/~tridge/">Andrew Tridgell</ulink>. + </para> + + <para> +If you wish to report a problem or make a suggestion then please see +the <ulink url="http://ldb.samba.org/"/> web site for +current contact and maintainer information. + </para> + + <para>This manpage was written by Jelmer Vernooij.</para> + +</refsect1> + +</refentry> diff --git a/docs-xml/manpages-3/mount.cifs.8.xml b/docs-xml/manpages-3/mount.cifs.8.xml index c386592f1d..ca8ae5f4bf 100644 --- a/docs-xml/manpages-3/mount.cifs.8.xml +++ b/docs-xml/manpages-3/mount.cifs.8.xml @@ -140,7 +140,7 @@ credentials file properly. same domain (e.g. running winbind or nss_ldap) and the server supports the Unix Extensions then the uid and gid can be retrieved from the server (and uid - and gid would not have to be specifed on the mount. + and gid would not have to be specified on the mount. For servers which do not support the CIFS Unix extensions, the default uid (and gid) returned on lookup of existing files will be the uid (gid) of the person diff --git a/docs-xml/manpages-3/vfs_acl_tdb.8.xml b/docs-xml/manpages-3/vfs_acl_tdb.8.xml new file mode 100644 index 0000000000..086b86f03e --- /dev/null +++ b/docs-xml/manpages-3/vfs_acl_tdb.8.xml @@ -0,0 +1,66 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> +<refentry id="vfs_acl_tdb.8"> + +<refmeta> + <refentrytitle>vfs_acl_tdb</refentrytitle> + <manvolnum>8</manvolnum> + <refmiscinfo class="source">Samba</refmiscinfo> + <refmiscinfo class="manual">System Administration tools</refmiscinfo> + <refmiscinfo class="version">3.3</refmiscinfo> +</refmeta> + + +<refnamediv> + <refname>vfs_acl_tdb</refname> + <refpurpose>Save NTFS-ACLs in a tdb file</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>vfs objects = acl_tdb</command> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This VFS module is part of the + <citerefentry><refentrytitle>samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The <command>vfs_acl_tdb</command> VFS module stores + NTFS Access Control Lists (ACLs) in a tdb file. + This enables the full mapping of Windows ACLs on Samba + servers. + </para> + + <para> + The ACL settings are stored in + <filename>$LOCKDIR/file_ntacls.tdb</filename>. + </para> + + <para>Please note that this module is + <emphasis>experimental</emphasis>! + </para> + + <para>This module is stackable.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + <para> + There are no options for <command>vfs_acl_tdb</command>. + </para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> +</refsect1> + +</refentry> diff --git a/docs-xml/manpages-3/vfs_acl_xattr.8.xml b/docs-xml/manpages-3/vfs_acl_xattr.8.xml new file mode 100644 index 0000000000..7387824f79 --- /dev/null +++ b/docs-xml/manpages-3/vfs_acl_xattr.8.xml @@ -0,0 +1,70 @@ +<?xml version="1.0" encoding="iso-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc"> +<refentry id="vfs_acl_xattr.8"> + +<refmeta> + <refentrytitle>vfs_acl_xattr</refentrytitle> + <manvolnum>8</manvolnum> + <refmiscinfo class="source">Samba</refmiscinfo> + <refmiscinfo class="manual">System Administration tools</refmiscinfo> + <refmiscinfo class="version">3.3</refmiscinfo> +</refmeta> + + +<refnamediv> + <refname>vfs_acl_xattr</refname> + <refpurpose>Save NTFS-ACLs in Extended Attributes (EAs)</refpurpose> +</refnamediv> + +<refsynopsisdiv> + <cmdsynopsis> + <command>vfs objects = acl_xattr</command> + </cmdsynopsis> +</refsynopsisdiv> + +<refsect1> + <title>DESCRIPTION</title> + + <para>This VFS module is part of the + <citerefentry><refentrytitle>samba</refentrytitle> + <manvolnum>7</manvolnum></citerefentry> suite.</para> + + <para>The <command>vfs_acl_xattr</command> VFS module stores + NTFS Access Control Lists (ACLs) in Extended Attributes (EAs). + This enables the full mapping of Windows ACLs on Samba + servers. + </para> + + <para>The ACLs are stored in the Extended Attribute + <parameter>security.NTACL</parameter> of a file or directory. + This Attribute is <emphasis>not</emphasis> listed by + <command>getfattr -d <filename>filename</filename></command>. + To show the current value, the name of the EA must be specified + (e.g. <command>getfattr -n security.NTACL <filename>filename</filename> + </command>). + </para> + + <para>Please note that this module is + <emphasis>experimental</emphasis>! + </para> + + <para>This module is stackable.</para> +</refsect1> + +<refsect1> + <title>OPTIONS</title> + <para> + There are no options for <command>vfs_acl_xattr</command>. + </para> +</refsect1> + +<refsect1> + <title>AUTHOR</title> + + <para>The original Samba software and related utilities + were created by Andrew Tridgell. Samba is now developed + by the Samba Team as an Open Source project similar + to the way the Linux kernel is developed.</para> +</refsect1> + +</refentry> diff --git a/docs-xml/smbdotconf/browse/enhancedbrowsing.xml b/docs-xml/smbdotconf/browse/enhancedbrowsing.xml index 13f2cd6446..7f85616c22 100644 --- a/docs-xml/smbdotconf/browse/enhancedbrowsing.xml +++ b/docs-xml/smbdotconf/browse/enhancedbrowsing.xml @@ -17,7 +17,7 @@ <para>You may wish to disable this option if you have a problem with empty workgroups not disappearing from browse lists. Due to the restrictions - of the browse protocols these enhancements can cause a empty workgroup + of the browse protocols, these enhancements can cause a empty workgroup to stay around forever which can be annoying.</para> <para>In general you should leave this option enabled as it makes diff --git a/docs-xml/smbdotconf/locking/strictlocking.xml b/docs-xml/smbdotconf/locking/strictlocking.xml index e3a0ed7b4c..15ad0ad073 100644 --- a/docs-xml/smbdotconf/locking/strictlocking.xml +++ b/docs-xml/smbdotconf/locking/strictlocking.xml @@ -12,7 +12,7 @@ <para> When strict locking is set to Auto (the default), the server performs file lock checks only on non-oplocked files. As most Windows redirectors perform file locking checks locally on oplocked files this is a good trade off for - inproved performance. + improved performance. </para> <para> diff --git a/docs-xml/smbdotconf/misc/remoteannounce.xml b/docs-xml/smbdotconf/misc/remoteannounce.xml index f23968b501..a6bf0c546f 100644 --- a/docs-xml/smbdotconf/misc/remoteannounce.xml +++ b/docs-xml/smbdotconf/misc/remoteannounce.xml @@ -6,7 +6,7 @@ <description> <para> This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle> - <manvolnum>8</manvolnum></citerefentry>to periodically announce itself + <manvolnum>8</manvolnum></citerefentry> to periodically announce itself to arbitrary IP addresses with an arbitrary workgroup name. </para> @@ -23,7 +23,7 @@ </programlisting> the above line would cause <command moreinfo="none">nmbd</command> to announce itself to the two given IP addresses using the given workgroup names. If you leave out the - workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter + workgroup name, then the one given in the <smbconfoption name="workgroup"/> parameter is used instead. </para> diff --git a/docs-xml/smbdotconf/misc/usershareallowguests.xml b/docs-xml/smbdotconf/misc/usershareallowguests.xml index 738f3a11ba..a3ae5183b0 100644 --- a/docs-xml/smbdotconf/misc/usershareallowguests.xml +++ b/docs-xml/smbdotconf/misc/usershareallowguests.xml @@ -8,7 +8,7 @@ to be accessed by non-authenticated users or not. It is the equivalent of allowing people who can create a share the option of setting <parameter moreinfo="none">guest ok = yes</parameter> in a share - definition. Due to the security sensitive nature of this the default + definition. Due to its security sensitive nature, the default is set to off.</para> </description> diff --git a/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml b/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml index bacc2e9530..6c1822a165 100644 --- a/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml +++ b/docs-xml/smbdotconf/misc/usershareprefixallowlist.xml @@ -6,8 +6,8 @@ <description> <para>This parameter specifies a list of absolute pathnames the root of which are allowed to be exported by user defined share definitions. - If the pathname exported doesn't start with one of the strings in this - list the user defined share will not be allowed. This allows the Samba + If the pathname to be exported doesn't start with one of the strings in this + list, the user defined share will not be allowed. This allows the Samba administrator to restrict the directories on the system that can be exported by user defined shares. </para> diff --git a/docs-xml/smbdotconf/misc/usersharetemplateshare.xml b/docs-xml/smbdotconf/misc/usersharetemplateshare.xml index efe2e81d22..9593a6c7e4 100644 --- a/docs-xml/smbdotconf/misc/usersharetemplateshare.xml +++ b/docs-xml/smbdotconf/misc/usersharetemplateshare.xml @@ -5,7 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> <para>User defined shares only have limited possible parameters - such as path, guest ok etc. This parameter allows usershares to + such as path, guest ok, etc. This parameter allows usershares to "cloned" from an existing share. If "usershare template share" is set to the name of an existing share, then all usershares created have their defaults set from the parameters set on this diff --git a/docs-xml/smbdotconf/printing/useclientdriver.xml b/docs-xml/smbdotconf/printing/useclientdriver.xml index 99e8556811..4d9b7abfcc 100644 --- a/docs-xml/smbdotconf/printing/useclientdriver.xml +++ b/docs-xml/smbdotconf/printing/useclientdriver.xml @@ -29,7 +29,7 @@ <para>If this parameter is enabled for a printer, then any attempt to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped to PRINTER_ACCESS_USE instead. Thus allowing the OpenPrinterEx() - call to succeed. <emphasis>This parameter MUST not be able enabled + call to succeed. <emphasis>This parameter MUST not be enabled on a print share which has valid print driver installed on the Samba server.</emphasis></para> </description> diff --git a/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml b/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml index 6916261759..79b6da7afa 100644 --- a/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml +++ b/docs-xml/smbdotconf/protocol/aclcheckpermissions.xml @@ -21,7 +21,7 @@ and allows the open. If the user doesn't have permission to delete the file this will only be discovered at close time, which is too late for the Windows user tools to display an error message to the user. The symptom of this is files that appear to have been deleted "magically" re-appearing - on a Windows explorer refersh. This is an extremely advanced protocol option which should not + on a Windows explorer refresh. This is an extremely advanced protocol option which should not need to be changed. This parameter was introduced in its final form in 3.0.21, an earlier version with slightly different semantics was introduced in 3.0.20. That older version is not documented here. </para> diff --git a/docs-xml/smbdotconf/protocol/enableasusupport.xml b/docs-xml/smbdotconf/protocol/enableasusupport.xml index cd4f30fb8d..bb56b5ad0b 100644 --- a/docs-xml/smbdotconf/protocol/enableasusupport.xml +++ b/docs-xml/smbdotconf/protocol/enableasusupport.xml @@ -5,7 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> <para>Hosts running the "Advanced Server for Unix (ASU)" product - require some special accomodations such as creating a builting [ADMIN$] + require some special accomodations such as creating a builtin [ADMIN$] share that only supports IPC connections. The has been the default behavior in smbd for many years. However, certain Microsoft applications such as the Print Migrator tool require that the remote server support diff --git a/docs-xml/smbdotconf/security/clientlanmanauth.xml b/docs-xml/smbdotconf/security/clientlanmanauth.xml index 5266fef6a2..967eacf85b 100644 --- a/docs-xml/smbdotconf/security/clientlanmanauth.xml +++ b/docs-xml/smbdotconf/security/clientlanmanauth.xml @@ -11,7 +11,7 @@ password hashes (e.g. Windows NT/2000, Samba, etc... but not Windows 95/98) will be able to be connected from the Samba client.</para> - <para>The LANMAN encrypted response is easily broken, due to it's + <para>The LANMAN encrypted response is easily broken, due to its case-insensitive nature, and the choice of algorithm. Clients without Windows 95/98 servers are advised to disable this option. </para> diff --git a/docs-xml/smbdotconf/security/clientsigning.xml b/docs-xml/smbdotconf/security/clientsigning.xml index bf37cbb874..c657e05711 100644 --- a/docs-xml/smbdotconf/security/clientsigning.xml +++ b/docs-xml/smbdotconf/security/clientsigning.xml @@ -4,8 +4,7 @@ basic="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> - <para>This controls whether the client offers or requires - the server it talks to to use SMB signing. Possible values + <para>This controls whether the client is allowed or required to use SMB signing. Possible values are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> and <emphasis>disabled</emphasis>. </para> diff --git a/docs-xml/smbdotconf/security/lanmanauth.xml b/docs-xml/smbdotconf/security/lanmanauth.xml index 341952205f..4e68c5e03a 100644 --- a/docs-xml/smbdotconf/security/lanmanauth.xml +++ b/docs-xml/smbdotconf/security/lanmanauth.xml @@ -12,7 +12,7 @@ Windows 95/98 or the MS DOS network client) will be able to connect to the Samba host.</para> - <para>The LANMAN encrypted response is easily broken, due to it's + <para>The LANMAN encrypted response is easily broken, due to its case-insensitive nature, and the choice of algorithm. Servers without Windows 95/98/ME or MS DOS clients are advised to disable this option. </para> diff --git a/docs-xml/smbdotconf/security/passwordserver.xml b/docs-xml/smbdotconf/security/passwordserver.xml index 0da247d27d..0e92af9eba 100644 --- a/docs-xml/smbdotconf/security/passwordserver.xml +++ b/docs-xml/smbdotconf/security/passwordserver.xml @@ -7,7 +7,7 @@ <para>By specifying the name of another SMB server or Active Directory domain controller with this option, and using <command moreinfo="none">security = [ads|domain|server]</command> - it is possible to get Samba to + it is possible to get Samba to do all its username/password validation using a specific remote server.</para> <para>This option sets the name or IP address of the password server to use. diff --git a/docs-xml/smbdotconf/security/security.xml b/docs-xml/smbdotconf/security/security.xml index 3ad5175712..514ea54e0f 100644 --- a/docs-xml/smbdotconf/security/security.xml +++ b/docs-xml/smbdotconf/security/security.xml @@ -47,7 +47,7 @@ want to mainly setup shares without a password (guest shares). This is commonly used for a shared printer server. It is more difficult to setup guest shares with <command moreinfo="none">security = user</command>, see - the <smbconfoption name="map to guest"/>parameter for details.</para> + the <smbconfoption name="map to guest"/> parameter for details.</para> <para>It is possible to use <command moreinfo="none">smbd</command> in a <emphasis> hybrid mode</emphasis> where it is offers both user and share @@ -58,7 +58,7 @@ <para><anchor id="SECURITYEQUALSSHARE"/><emphasis>SECURITY = SHARE</emphasis></para> - <para>When clients connect to a share level security server they + <para>When clients connect to a share level security server, they need not log onto the server with a valid username and password before attempting to connect to a shared resource (although modern clients such as Windows 95/98 and Windows NT will send a logon request with @@ -211,7 +211,7 @@ </para></note> <note><para>From the client's point of - view <command moreinfo="none">security = server</command> is the + view, <command moreinfo="none">security = server</command> is the same as <command moreinfo="none">security = user</command>. It only affects how the server deals with the authentication, it does not in any way affect what the client sees.</para></note> diff --git a/docs-xml/smbdotconf/security/serverschannel.xml b/docs-xml/smbdotconf/security/serverschannel.xml index 6317448fb6..655463576f 100644 --- a/docs-xml/smbdotconf/security/serverschannel.xml +++ b/docs-xml/smbdotconf/security/serverschannel.xml @@ -13,7 +13,7 @@ </para> <para> - Please note that with this set to <literal>no</literal> you will have to apply the WindowsXP + Please note that with this set to <literal>no</literal>, you will have to apply the WindowsXP <filename>WinXP_SignOrSeal.reg</filename> registry patch found in the docs/registry subdirectory of the Samba distribution tarball. </para> </description> diff --git a/docs-xml/smbdotconf/security/serversigning.xml b/docs-xml/smbdotconf/security/serversigning.xml index f2f5629586..ea21a2c6f6 100644 --- a/docs-xml/smbdotconf/security/serversigning.xml +++ b/docs-xml/smbdotconf/security/serversigning.xml @@ -5,8 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> - <para>This controls whether the server offers or requires - the client it talks to to use SMB signing. Possible values + <para>This controls whether the client is allowed or required to use SMB signing. Possible values are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> and <emphasis>disabled</emphasis>. </para> diff --git a/docs-xml/smbdotconf/security/smbencrypt.xml b/docs-xml/smbdotconf/security/smbencrypt.xml index eb91ce51fa..d556166953 100644 --- a/docs-xml/smbdotconf/security/smbencrypt.xml +++ b/docs-xml/smbdotconf/security/smbencrypt.xml @@ -16,8 +16,7 @@ and MacOS/X clients. Windows clients do not support this feature. </para> - <para>This controls whether the server offers or requires - the client it talks to to use SMB encryption. Possible values + <para>This controls whether the remote client is allowed or required to use SMB encryption. Possible values are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis> and <emphasis>disabled</emphasis>. This may be set on a per-share basis, but clients may chose to encrypt the entire session, not diff --git a/docs-xml/smbdotconf/security/updateencrypted.xml b/docs-xml/smbdotconf/security/updateencrypted.xml index da493665cf..eb54ed9bab 100644 --- a/docs-xml/smbdotconf/security/updateencrypted.xml +++ b/docs-xml/smbdotconf/security/updateencrypted.xml @@ -9,7 +9,7 @@ This boolean parameter allows a user logging on with a plaintext password to have their encrypted (hashed) password in the smbpasswd file to be updated automatically as they log on. This option allows a site to migrate from plaintext password authentication (users authenticate with plaintext password over the - wire, and are checked against a UNIX account atabase) to encrypted password authentication (the SMB + wire, and are checked against a UNIX account database) to encrypted password authentication (the SMB challenge/response authentication mechanism) without forcing all users to re-enter their passwords via smbpasswd at the time the change is made. This is a convenience option to allow the change over to encrypted passwords to be made over a longer period. Once all users have encrypted representations of their passwords @@ -24,7 +24,7 @@ </para> <para> - Note that even when this parameter is set a user authenticating to <command moreinfo="none">smbd</command> + Note that even when this parameter is set, a user authenticating to <command moreinfo="none">smbd</command> must still enter a valid password in order to connect correctly, and to update their hashed (smbpasswd) passwords. </para> |