diff options
Diffstat (limited to 'docs/docbook/smbdotconf/ldap')
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapadmindn.xml | 29 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapdeletedn.xml | 21 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapfilter.xml | 24 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml | 19 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldappasswdsync.xml | 50 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapport.xml | 33 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapserver.xml | 26 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapssl.xml | 61 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapsuffix.xml | 20 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldaptrustids.xml | 39 | ||||
-rw-r--r-- | docs/docbook/smbdotconf/ldap/ldapusersuffix.xml | 20 |
11 files changed, 190 insertions, 152 deletions
diff --git a/docs/docbook/smbdotconf/ldap/ldapadmindn.xml b/docs/docbook/smbdotconf/ldap/ldapadmindn.xml index f92e8ce310..301c88df7b 100644 --- a/docs/docbook/smbdotconf/ldap/ldapadmindn.xml +++ b/docs/docbook/smbdotconf/ldap/ldapadmindn.xml @@ -1,13 +1,16 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPADMINDN"/>ldap admin dn (G)</term> - <listitem><para> The <parameter moreinfo="none">ldap admin dn</parameter> defines the Distinguished - Name (DN) name used by Samba to contact the ldap server when retreiving - user account information. The <parameter moreinfo="none">ldap - admin dn</parameter> is used in conjunction with the admin dn password - stored in the <filename moreinfo="none">private/secrets.tdb</filename> file. See the - <citerefentry><refentrytitle>smbpasswd</refentrytitle> - <manvolnum>8</manvolnum></citerefentry> man page for more information on how - to accmplish this. - </para> - </listitem> - </samba:parameter> +<samba:parameter name="ldap admin dn" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para> The <parameter moreinfo="none">ldap admin dn</parameter> + defines the Distinguished Name (DN) name used by Samba to + contact the ldap server when retreiving user account + information. The <parameter moreinfo="none">ldap admin + dn</parameter> is used in conjunction with the admin dn password + stored in the <filename moreinfo="none">private/secrets.tdb</filename> file. + See the <citerefentry><refentrytitle>smbpasswd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> man page for more + information on how to accmplish this.</para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml b/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml index f4a820c16d..89a75e02fd 100644 --- a/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml +++ b/docs/docbook/smbdotconf/ldap/ldapdeletedn.xml @@ -1,10 +1,13 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPDELETEDN"/>ldap delete dn (G)</term> - <listitem><para> This parameter specifies whether a delete - operation in the ldapsam deletes the complete entry or only the attributes - specific to Samba. - </para> +<samba:parameter name="ldap delete dn" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para> This parameter specifies whether a delete + operation in the ldapsam deletes the complete entry or only the attributes + specific to Samba. + </para> - <para>Default : <emphasis>ldap delete dn = no</emphasis></para> - </listitem> - </samba:parameter> + <para>Default: <emphasis>ldap delete dn = no</emphasis></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapfilter.xml b/docs/docbook/smbdotconf/ldap/ldapfilter.xml index 6ddf8db30f..1d0ab33d89 100644 --- a/docs/docbook/smbdotconf/ldap/ldapfilter.xml +++ b/docs/docbook/smbdotconf/ldap/ldapfilter.xml @@ -1,12 +1,14 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPFILTER"/>ldap filter (G)</term> - <listitem><para>This parameter specifies the RFC 2254 compliant LDAP search filter. - The default is to match the login name with the <constant>uid</constant> - attribute for all entries matching the <constant>sambaAccount</constant> - objectclass. Note that this filter should only return one entry. - </para> +<samba:parameter name="ldap filter" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter specifies the RFC 2254 compliant LDAP search filter. + The default is to match the login name with the <constant>uid</constant> + attribute for all entries matching the <constant>sambaAccount</constant> + objectclass. Note that this filter should only return one entry. + </para> - - <para>Default : <command moreinfo="none">ldap filter = (&(uid=%u)(objectclass=sambaAccount))</command></para> - </listitem> - </samba:parameter> + <para>Default: <command moreinfo="none">ldap filter = (&(uid=%u)(objectclass=sambaAccount))</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml b/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml index e02bf9acfc..0ef6a04abf 100644 --- a/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml +++ b/docs/docbook/smbdotconf/ldap/ldapmachinesuffix.xml @@ -1,11 +1,10 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPMACHINESUFFIX"/>ldap machine suffix (G)</term> - <listitem><para>It specifies where machines should be - added to the ldap tree. - </para> - +<samba:parameter name="ldap machine suffix" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>It specifies where machines should be added to the ldap tree.</para> - - <para>Default : <emphasis>none</emphasis></para> - </listitem> - </samba:parameter> + <para>Default: <emphasis>none</emphasis></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml b/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml index ce9449374d..8015b2fb2d 100644 --- a/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml +++ b/docs/docbook/smbdotconf/ldap/ldappasswdsync.xml @@ -1,23 +1,35 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPPASSWDSYNC"/>ldap passwd sync (G)</term> - <listitem><para>This option is used to define whether - or not Samba should sync the LDAP password with the NT - and LM hashes for normal accounts (NOT for - workstation, server or domain trusts) on a password - change via SAMBA. - </para> +<samba:parameter name="ldap passwd sync" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This option is used to define whether + or not Samba should sync the LDAP password with the NT + and LM hashes for normal accounts (NOT for + workstation, server or domain trusts) on a password + change via SAMBA. + </para> - <para> - The <parameter moreinfo="none">ldap passwd sync</parameter> can be set to one of three values: - </para> - <itemizedlist> - <listitem><para><parameter moreinfo="none">Yes</parameter> = Try to update the LDAP, NT and LM passwords and update the pwdLastSet time.</para></listitem> + <para>The <parameter moreinfo="none">ldap passwd + sync</parameter> can be set to one of three values: </para> + + <itemizedlist> + <listitem> + <para><parameter moreinfo="none">Yes</parameter> = Try + to update the LDAP, NT and LM passwords and update the pwdLastSet time.</para> + </listitem> - <listitem><para><parameter moreinfo="none">No</parameter> = Update NT and LM passwords and update the pwdLastSet time.</para></listitem> + <listitem> + <para><parameter moreinfo="none">No</parameter> = Update NT and + LM passwords and update the pwdLastSet time.</para> + </listitem> - <listitem><para><parameter moreinfo="none">Only</parameter> = Only update the LDAP password and let the LDAP server do the rest.</para></listitem> - </itemizedlist> - - <para>Default : <command moreinfo="none">ldap passwd sync = no</command></para> + <listitem> + <para><parameter moreinfo="none">Only</parameter> = Only update + the LDAP password and let the LDAP server do the rest.</para> </listitem> - </samba:parameter> + </itemizedlist> + + <para>Default: <command moreinfo="none">ldap passwd sync = no</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapport.xml b/docs/docbook/smbdotconf/ldap/ldapport.xml index 97c256d423..c00c525db0 100644 --- a/docs/docbook/smbdotconf/ldap/ldapport.xml +++ b/docs/docbook/smbdotconf/ldap/ldapport.xml @@ -1,20 +1,19 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPPORT"/>ldap port (G)</term> - <listitem><para>This parameter is only available if Samba has been - configure to include the <command moreinfo="none">--with-ldapsam</command> option - at compile time. - </para> +<samba:parameter name="ldap port" + context="G" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter is only available if Samba has been + configure to include the <command moreinfo="none">--with-ldapsam</command> option + at compile time.</para> - <para> - This option is used to control the tcp port number used to contact - the <link linkend="LDAPSERVER"><parameter moreinfo="none">ldap server</parameter></link>. - The default is to use the stand LDAPS port 636. - </para> + <para>This option is used to control the tcp port number used to contact + the <link linkend="LDAPSERVER"><parameter moreinfo="none">ldap server</parameter></link>. + The default is to use the stand LDAPS port 636.</para> - <para>See Also: <link linkend="LDAPSSL">ldap ssl</link> - </para> + <para>See Also: <link linkend="LDAPSSL">ldap ssl</link></para> - <para>Default : <command moreinfo="none">ldap port = 636 ; if ldap ssl = on</command></para> - <para>Default : <command moreinfo="none">ldap port = 389 ; if ldap ssl = off</command></para> - </listitem> - </samba:parameter> + <para>Default : <command moreinfo="none">ldap port = 636 ; if ldap ssl = on</command></para> + + <para>Default : <command moreinfo="none">ldap port = 389 ; if ldap ssl = off</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapserver.xml b/docs/docbook/smbdotconf/ldap/ldapserver.xml index 33d5652ac9..e7a4c670ab 100644 --- a/docs/docbook/smbdotconf/ldap/ldapserver.xml +++ b/docs/docbook/smbdotconf/ldap/ldapserver.xml @@ -1,15 +1,15 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPSERVER"/>ldap server (G)</term> - <listitem><para>This parameter is only available if Samba has been - configure to include the <command moreinfo="none">--with-ldapsam</command> option - at compile time. - </para> +<samba:parameter name="ldap server" + context="G" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter is only available if Samba has been + configure to include the <command moreinfo="none">--with-ldapsam</command> + option at compile time.</para> - <para> - This parameter should contain the FQDN of the ldap directory - server which should be queried to locate user account information. - </para> + <para>This parameter should contain the FQDN of the ldap directory + server which should be queried to locate user account information. + </para> - <para>Default : <command moreinfo="none">ldap server = localhost</command></para> - </listitem> - </samba:parameter> + <para>Default : <command moreinfo="none">ldap server = localhost</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapssl.xml b/docs/docbook/smbdotconf/ldap/ldapssl.xml index d747d8f7df..13bafdf3a7 100644 --- a/docs/docbook/smbdotconf/ldap/ldapssl.xml +++ b/docs/docbook/smbdotconf/ldap/ldapssl.xml @@ -1,30 +1,39 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPSSL"/>ldap ssl (G)</term> - <listitem><para>This option is used to define whether or not Samba should - use SSL when connecting to the ldap server - This is <emphasis>NOT</emphasis> related to - Samba's previous SSL support which was enabled by specifying the - <command moreinfo="none">--with-ssl</command> option to the <filename moreinfo="none">configure</filename> - script. - </para> +<samba:parameter name="ldap ssl" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This option is used to define whether or not Samba should + use SSL when connecting to the ldap server + This is <emphasis>NOT</emphasis> related to + Samba's previous SSL support which was enabled by specifying the + <command moreinfo="none">--with-ssl</command> option to the <filename moreinfo="none">configure</filename> + script.</para> - <para> - The <parameter moreinfo="none">ldap ssl</parameter> can be set to one of three values: - </para> - <itemizedlist> - <listitem><para><parameter moreinfo="none">Off</parameter> = Never use SSL when querying the directory.</para></listitem> + <para>The <parameter moreinfo="none">ldap ssl</parameter> can be set to one of three values:</para> + <itemizedlist> + <listitem> + <para><parameter moreinfo="none">Off</parameter> = Never + use SSL when querying the directory.</para> + </listitem> - <listitem><para><parameter moreinfo="none">Start_tls</parameter> = Use the LDAPv3 StartTLS extended operation - (RFC2830) for communicating with the directory server.</para></listitem> + <listitem> + <para><parameter moreinfo="none">Start_tls</parameter> = Use + the LDAPv3 StartTLS extended operation (RFC2830) for + communicating with the directory server.</para> + </listitem> - <listitem><para><parameter moreinfo="none">On</parameter> = - Use SSL on the ldaps port when contacting the - <parameter moreinfo="none">ldap server</parameter>. Only - available when the backwards-compatiblity <command moreinfo="none"> - --with-ldapsam</command> option is specified - to configure. See <link linkend="PASSDBBACKEND"><parameter moreinfo="none">passdb backend</parameter></link></para></listitem> - </itemizedlist> - - <para>Default : <command moreinfo="none">ldap ssl = start_tls</command></para> + <listitem> + <para><parameter moreinfo="none">On</parameter> = Use SSL + on the ldaps port when contacting the <parameter + moreinfo="none">ldap server</parameter>. Only available when the + backwards-compatiblity <command + moreinfo="none">--with-ldapsam</command> option is specified + to configure. See <link linkend="PASSDBBACKEND"><parameter + moreinfo="none">passdb backend</parameter></link></para> </listitem> - </samba:parameter> + </itemizedlist> + + <para>Default : <command moreinfo="none">ldap ssl = start_tls</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapsuffix.xml b/docs/docbook/smbdotconf/ldap/ldapsuffix.xml index dae15f8104..609f171096 100644 --- a/docs/docbook/smbdotconf/ldap/ldapsuffix.xml +++ b/docs/docbook/smbdotconf/ldap/ldapsuffix.xml @@ -1,8 +1,14 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPSUFFIX"/>ldap suffix (G)</term> - <listitem> - <para>Specifies where user and machine accounts are added to the tree. Can be overriden by <command moreinfo="none">ldap user suffix</command> and <command moreinfo="none">ldap machine suffix</command>. It also used as the base dn for all ldap searches. </para> +<samba:parameter name="ldap suffix" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>Specifies where user and machine accounts are added to the + tree. Can be overriden by <command moreinfo="none">ldap user + suffix</command> and <command moreinfo="none">ldap machine + suffix</command>. It also used as the base dn for all ldap + searches. </para> - <para>Default : <emphasis>none</emphasis></para> - </listitem> - </samba:parameter> + <para>Default: <emphasis>none</emphasis></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldaptrustids.xml b/docs/docbook/smbdotconf/ldap/ldaptrustids.xml index 8fe4a1400b..36bbcb2fb4 100644 --- a/docs/docbook/smbdotconf/ldap/ldaptrustids.xml +++ b/docs/docbook/smbdotconf/ldap/ldaptrustids.xml @@ -1,18 +1,23 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPTRUSTIDS"/>ldap trust ids (G)</term> - <listitem><para>Normally, Samba validates each entry - in the LDAP server against getpwnam(). This allows - LDAP to be used for Samba with the unix system using - NIS (for example) and also ensures that Samba does not - present accounts that do not otherwise exist. </para> - <para>This option is used to disable this functionality, and - instead to rely on the presence of the appropriate - attributes in LDAP directly, which can result in a - significant performance boost in some situations. - Setting this option to yes effectivly assumes - that the local machine is running <command moreinfo="none">nss_ldap</command> against the - same LDAP server.</para> +<samba:parameter name="ldap trust ids" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> - <para>Default: <command moreinfo="none">ldap trust ids = No</command></para> - </listitem> - </samba:parameter> + <para>Normally, Samba validates each entry in the LDAP server + against getpwnam(). This allows LDAP to be used for Samba with + the unix system using NIS (for example) and also ensures that + Samba does not present accounts that do not otherwise exist. + </para> + + <para>This option is used to disable this functionality, and + instead to rely on the presence of the appropriate attributes + in LDAP directly, which can result in a significant performance + boost in some situations. Setting this option to yes effectivly + assumes that the local machine is running <command + moreinfo="none">nss_ldap</command> against the same LDAP + server.</para> + + <para>Default: <command moreinfo="none">ldap trust ids = No</command></para> +</listitem> +</samba:parameter> diff --git a/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml b/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml index e4fb681e23..731fba3420 100644 --- a/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml +++ b/docs/docbook/smbdotconf/ldap/ldapusersuffix.xml @@ -1,10 +1,10 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="LDAPUSERSUFFIX"/>ldap user suffix (G)</term> - <listitem><para>It specifies where users are added to the tree. - </para> - - - - <para>Default : <emphasis>none</emphasis></para> - </listitem> - </samba:parameter> +<samba:parameter name="ldap user suffix" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>It specifies where users are added to the tree.</para> + + <para>Default: <emphasis>none</emphasis></para> +</listitem> +</samba:parameter> |