summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/ldap
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/smbdotconf/ldap')
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapadmindn.xml29
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapdeletedn.xml21
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapfilter.xml24
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml19
-rw-r--r--docs/docbook/smbdotconf/ldap/ldappasswdsync.xml50
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapport.xml33
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapserver.xml26
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapssl.xml61
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapsuffix.xml20
-rw-r--r--docs/docbook/smbdotconf/ldap/ldaptrustids.xml39
-rw-r--r--docs/docbook/smbdotconf/ldap/ldapusersuffix.xml20
11 files changed, 190 insertions, 152 deletions
diff --git a/docs/docbook/smbdotconf/ldap/ldapadmindn.xml b/docs/docbook/smbdotconf/ldap/ldapadmindn.xml
index f92e8ce310..301c88df7b 100644
--- a/docs/docbook/smbdotconf/ldap/ldapadmindn.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapadmindn.xml
@@ -1,13 +1,16 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPADMINDN"/>ldap admin dn (G)</term>
- <listitem><para> The <parameter moreinfo="none">ldap admin dn</parameter> defines the Distinguished
- Name (DN) name used by Samba to contact the ldap server when retreiving
- user account information. The <parameter moreinfo="none">ldap
- admin dn</parameter> is used in conjunction with the admin dn password
- stored in the <filename moreinfo="none">private/secrets.tdb</filename> file. See the
- <citerefentry><refentrytitle>smbpasswd</refentrytitle>
- <manvolnum>8</manvolnum></citerefentry> man page for more information on how
- to accmplish this.
- </para>
- </listitem>
- </samba:parameter>
+<samba:parameter name="ldap admin dn"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para> The <parameter moreinfo="none">ldap admin dn</parameter>
+ defines the Distinguished Name (DN) name used by Samba to
+ contact the ldap server when retreiving user account
+ information. The <parameter moreinfo="none">ldap admin
+ dn</parameter> is used in conjunction with the admin dn password
+ stored in the <filename moreinfo="none">private/secrets.tdb</filename> file.
+ See the <citerefentry><refentrytitle>smbpasswd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> man page for more
+ information on how to accmplish this.</para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml b/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml
index f4a820c16d..89a75e02fd 100644
--- a/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml
@@ -1,10 +1,13 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPDELETEDN"/>ldap delete dn (G)</term>
- <listitem><para> This parameter specifies whether a delete
- operation in the ldapsam deletes the complete entry or only the attributes
- specific to Samba.
- </para>
+<samba:parameter name="ldap delete dn"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para> This parameter specifies whether a delete
+ operation in the ldapsam deletes the complete entry or only the attributes
+ specific to Samba.
+ </para>
- <para>Default : <emphasis>ldap delete dn = no</emphasis></para>
- </listitem>
- </samba:parameter>
+ <para>Default: <emphasis>ldap delete dn = no</emphasis></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapfilter.xml b/docs/docbook/smbdotconf/ldap/ldapfilter.xml
index 6ddf8db30f..1d0ab33d89 100644
--- a/docs/docbook/smbdotconf/ldap/ldapfilter.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapfilter.xml
@@ -1,12 +1,14 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPFILTER"/>ldap filter (G)</term>
- <listitem><para>This parameter specifies the RFC 2254 compliant LDAP search filter.
- The default is to match the login name with the <constant>uid</constant>
- attribute for all entries matching the <constant>sambaAccount</constant>
- objectclass. Note that this filter should only return one entry.
- </para>
+<samba:parameter name="ldap filter"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter specifies the RFC 2254 compliant LDAP search filter.
+ The default is to match the login name with the <constant>uid</constant>
+ attribute for all entries matching the <constant>sambaAccount</constant>
+ objectclass. Note that this filter should only return one entry.
+ </para>
-
- <para>Default : <command moreinfo="none">ldap filter = (&amp;(uid=%u)(objectclass=sambaAccount))</command></para>
- </listitem>
- </samba:parameter>
+ <para>Default: <command moreinfo="none">ldap filter = (&amp;(uid=%u)(objectclass=sambaAccount))</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml b/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml
index e02bf9acfc..0ef6a04abf 100644
--- a/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml
@@ -1,11 +1,10 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPMACHINESUFFIX"/>ldap machine suffix (G)</term>
- <listitem><para>It specifies where machines should be
- added to the ldap tree.
- </para>
-
+<samba:parameter name="ldap machine suffix"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>It specifies where machines should be added to the ldap tree.</para>
-
- <para>Default : <emphasis>none</emphasis></para>
- </listitem>
- </samba:parameter>
+ <para>Default: <emphasis>none</emphasis></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml b/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml
index ce9449374d..8015b2fb2d 100644
--- a/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml
+++ b/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml
@@ -1,23 +1,35 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPPASSWDSYNC"/>ldap passwd sync (G)</term>
- <listitem><para>This option is used to define whether
- or not Samba should sync the LDAP password with the NT
- and LM hashes for normal accounts (NOT for
- workstation, server or domain trusts) on a password
- change via SAMBA.
- </para>
+<samba:parameter name="ldap passwd sync"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option is used to define whether
+ or not Samba should sync the LDAP password with the NT
+ and LM hashes for normal accounts (NOT for
+ workstation, server or domain trusts) on a password
+ change via SAMBA.
+ </para>
- <para>
- The <parameter moreinfo="none">ldap passwd sync</parameter> can be set to one of three values:
- </para>
- <itemizedlist>
- <listitem><para><parameter moreinfo="none">Yes</parameter> = Try to update the LDAP, NT and LM passwords and update the pwdLastSet time.</para></listitem>
+ <para>The <parameter moreinfo="none">ldap passwd
+ sync</parameter> can be set to one of three values: </para>
+
+ <itemizedlist>
+ <listitem>
+ <para><parameter moreinfo="none">Yes</parameter> = Try
+ to update the LDAP, NT and LM passwords and update the pwdLastSet time.</para>
+ </listitem>
- <listitem><para><parameter moreinfo="none">No</parameter> = Update NT and LM passwords and update the pwdLastSet time.</para></listitem>
+ <listitem>
+ <para><parameter moreinfo="none">No</parameter> = Update NT and
+ LM passwords and update the pwdLastSet time.</para>
+ </listitem>
- <listitem><para><parameter moreinfo="none">Only</parameter> = Only update the LDAP password and let the LDAP server do the rest.</para></listitem>
- </itemizedlist>
-
- <para>Default : <command moreinfo="none">ldap passwd sync = no</command></para>
+ <listitem>
+ <para><parameter moreinfo="none">Only</parameter> = Only update
+ the LDAP password and let the LDAP server do the rest.</para>
</listitem>
- </samba:parameter>
+ </itemizedlist>
+
+ <para>Default: <command moreinfo="none">ldap passwd sync = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapport.xml b/docs/docbook/smbdotconf/ldap/ldapport.xml
index 97c256d423..c00c525db0 100644
--- a/docs/docbook/smbdotconf/ldap/ldapport.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapport.xml
@@ -1,20 +1,19 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPPORT"/>ldap port (G)</term>
- <listitem><para>This parameter is only available if Samba has been
- configure to include the <command moreinfo="none">--with-ldapsam</command> option
- at compile time.
- </para>
+<samba:parameter name="ldap port"
+ context="G"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter is only available if Samba has been
+ configure to include the <command moreinfo="none">--with-ldapsam</command> option
+ at compile time.</para>
- <para>
- This option is used to control the tcp port number used to contact
- the <link linkend="LDAPSERVER"><parameter moreinfo="none">ldap server</parameter></link>.
- The default is to use the stand LDAPS port 636.
- </para>
+ <para>This option is used to control the tcp port number used to contact
+ the <link linkend="LDAPSERVER"><parameter moreinfo="none">ldap server</parameter></link>.
+ The default is to use the stand LDAPS port 636.</para>
- <para>See Also: <link linkend="LDAPSSL">ldap ssl</link>
- </para>
+ <para>See Also: <link linkend="LDAPSSL">ldap ssl</link></para>
- <para>Default : <command moreinfo="none">ldap port = 636 ; if ldap ssl = on</command></para>
- <para>Default : <command moreinfo="none">ldap port = 389 ; if ldap ssl = off</command></para>
- </listitem>
- </samba:parameter>
+ <para>Default : <command moreinfo="none">ldap port = 636 ; if ldap ssl = on</command></para>
+
+ <para>Default : <command moreinfo="none">ldap port = 389 ; if ldap ssl = off</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapserver.xml b/docs/docbook/smbdotconf/ldap/ldapserver.xml
index 33d5652ac9..e7a4c670ab 100644
--- a/docs/docbook/smbdotconf/ldap/ldapserver.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapserver.xml
@@ -1,15 +1,15 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPSERVER"/>ldap server (G)</term>
- <listitem><para>This parameter is only available if Samba has been
- configure to include the <command moreinfo="none">--with-ldapsam</command> option
- at compile time.
- </para>
+<samba:parameter name="ldap server"
+ context="G"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter is only available if Samba has been
+ configure to include the <command moreinfo="none">--with-ldapsam</command>
+ option at compile time.</para>
- <para>
- This parameter should contain the FQDN of the ldap directory
- server which should be queried to locate user account information.
- </para>
+ <para>This parameter should contain the FQDN of the ldap directory
+ server which should be queried to locate user account information.
+ </para>
- <para>Default : <command moreinfo="none">ldap server = localhost</command></para>
- </listitem>
- </samba:parameter>
+ <para>Default : <command moreinfo="none">ldap server = localhost</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapssl.xml b/docs/docbook/smbdotconf/ldap/ldapssl.xml
index d747d8f7df..13bafdf3a7 100644
--- a/docs/docbook/smbdotconf/ldap/ldapssl.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapssl.xml
@@ -1,30 +1,39 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPSSL"/>ldap ssl (G)</term>
- <listitem><para>This option is used to define whether or not Samba should
- use SSL when connecting to the ldap server
- This is <emphasis>NOT</emphasis> related to
- Samba's previous SSL support which was enabled by specifying the
- <command moreinfo="none">--with-ssl</command> option to the <filename moreinfo="none">configure</filename>
- script.
- </para>
+<samba:parameter name="ldap ssl"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option is used to define whether or not Samba should
+ use SSL when connecting to the ldap server
+ This is <emphasis>NOT</emphasis> related to
+ Samba's previous SSL support which was enabled by specifying the
+ <command moreinfo="none">--with-ssl</command> option to the <filename moreinfo="none">configure</filename>
+ script.</para>
- <para>
- The <parameter moreinfo="none">ldap ssl</parameter> can be set to one of three values:
- </para>
- <itemizedlist>
- <listitem><para><parameter moreinfo="none">Off</parameter> = Never use SSL when querying the directory.</para></listitem>
+ <para>The <parameter moreinfo="none">ldap ssl</parameter> can be set to one of three values:</para>
+ <itemizedlist>
+ <listitem>
+ <para><parameter moreinfo="none">Off</parameter> = Never
+ use SSL when querying the directory.</para>
+ </listitem>
- <listitem><para><parameter moreinfo="none">Start_tls</parameter> = Use the LDAPv3 StartTLS extended operation
- (RFC2830) for communicating with the directory server.</para></listitem>
+ <listitem>
+ <para><parameter moreinfo="none">Start_tls</parameter> = Use
+ the LDAPv3 StartTLS extended operation (RFC2830) for
+ communicating with the directory server.</para>
+ </listitem>
- <listitem><para><parameter moreinfo="none">On</parameter> =
- Use SSL on the ldaps port when contacting the
- <parameter moreinfo="none">ldap server</parameter>. Only
- available when the backwards-compatiblity <command moreinfo="none">
- --with-ldapsam</command> option is specified
- to configure. See <link linkend="PASSDBBACKEND"><parameter moreinfo="none">passdb backend</parameter></link></para></listitem>
- </itemizedlist>
-
- <para>Default : <command moreinfo="none">ldap ssl = start_tls</command></para>
+ <listitem>
+ <para><parameter moreinfo="none">On</parameter> = Use SSL
+ on the ldaps port when contacting the <parameter
+ moreinfo="none">ldap server</parameter>. Only available when the
+ backwards-compatiblity <command
+ moreinfo="none">--with-ldapsam</command> option is specified
+ to configure. See <link linkend="PASSDBBACKEND"><parameter
+ moreinfo="none">passdb backend</parameter></link></para>
</listitem>
- </samba:parameter>
+ </itemizedlist>
+
+ <para>Default : <command moreinfo="none">ldap ssl = start_tls</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapsuffix.xml b/docs/docbook/smbdotconf/ldap/ldapsuffix.xml
index dae15f8104..609f171096 100644
--- a/docs/docbook/smbdotconf/ldap/ldapsuffix.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapsuffix.xml
@@ -1,8 +1,14 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPSUFFIX"/>ldap suffix (G)</term>
- <listitem>
- <para>Specifies where user and machine accounts are added to the tree. Can be overriden by <command moreinfo="none">ldap user suffix</command> and <command moreinfo="none">ldap machine suffix</command>. It also used as the base dn for all ldap searches. </para>
+<samba:parameter name="ldap suffix"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Specifies where user and machine accounts are added to the
+ tree. Can be overriden by <command moreinfo="none">ldap user
+ suffix</command> and <command moreinfo="none">ldap machine
+ suffix</command>. It also used as the base dn for all ldap
+ searches. </para>
- <para>Default : <emphasis>none</emphasis></para>
- </listitem>
- </samba:parameter>
+ <para>Default: <emphasis>none</emphasis></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldaptrustids.xml b/docs/docbook/smbdotconf/ldap/ldaptrustids.xml
index 8fe4a1400b..36bbcb2fb4 100644
--- a/docs/docbook/smbdotconf/ldap/ldaptrustids.xml
+++ b/docs/docbook/smbdotconf/ldap/ldaptrustids.xml
@@ -1,18 +1,23 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPTRUSTIDS"/>ldap trust ids (G)</term>
- <listitem><para>Normally, Samba validates each entry
- in the LDAP server against getpwnam(). This allows
- LDAP to be used for Samba with the unix system using
- NIS (for example) and also ensures that Samba does not
- present accounts that do not otherwise exist. </para>
- <para>This option is used to disable this functionality, and
- instead to rely on the presence of the appropriate
- attributes in LDAP directly, which can result in a
- significant performance boost in some situations.
- Setting this option to yes effectivly assumes
- that the local machine is running <command moreinfo="none">nss_ldap</command> against the
- same LDAP server.</para>
+<samba:parameter name="ldap trust ids"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
- <para>Default: <command moreinfo="none">ldap trust ids = No</command></para>
- </listitem>
- </samba:parameter>
+ <para>Normally, Samba validates each entry in the LDAP server
+ against getpwnam(). This allows LDAP to be used for Samba with
+ the unix system using NIS (for example) and also ensures that
+ Samba does not present accounts that do not otherwise exist.
+ </para>
+
+ <para>This option is used to disable this functionality, and
+ instead to rely on the presence of the appropriate attributes
+ in LDAP directly, which can result in a significant performance
+ boost in some situations. Setting this option to yes effectivly
+ assumes that the local machine is running <command
+ moreinfo="none">nss_ldap</command> against the same LDAP
+ server.</para>
+
+ <para>Default: <command moreinfo="none">ldap trust ids = No</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml b/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml
index e4fb681e23..731fba3420 100644
--- a/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml
+++ b/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml
@@ -1,10 +1,10 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="LDAPUSERSUFFIX"/>ldap user suffix (G)</term>
- <listitem><para>It specifies where users are added to the tree.
- </para>
-
-
-
- <para>Default : <emphasis>none</emphasis></para>
- </listitem>
- </samba:parameter>
+<samba:parameter name="ldap user suffix"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>It specifies where users are added to the tree.</para>
+
+ <para>Default: <emphasis>none</emphasis></para>
+</listitem>
+</samba:parameter>