diff options
Diffstat (limited to 'docs/docbook/smbdotconf/security/maptoguest.xml')
| -rw-r--r-- | docs/docbook/smbdotconf/security/maptoguest.xml | 99 |
1 files changed, 54 insertions, 45 deletions
diff --git a/docs/docbook/smbdotconf/security/maptoguest.xml b/docs/docbook/smbdotconf/security/maptoguest.xml index 966260a9b1..4f66319928 100644 --- a/docs/docbook/smbdotconf/security/maptoguest.xml +++ b/docs/docbook/smbdotconf/security/maptoguest.xml @@ -1,53 +1,62 @@ -<samba:parameter xmlns:samba="http://samba.org/common"> - <term><anchor id="MAPTOGUEST"/>map to guest (G)</term> - <listitem><para>This parameter is only useful in <link linkend="SECURITY"> - security</link> modes other than <parameter moreinfo="none">security = share</parameter> - - i.e. <constant>user</constant>, <constant>server</constant>, - and <constant>domain</constant>.</para> +<samba:parameter name="map to guest" + context="G" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<listitem> + <para>This parameter is only useful in <link linkend="SECURITY"> + security</link> modes other than <parameter moreinfo="none">security = share</parameter> + - i.e. <constant>user</constant>, <constant>server</constant>, + and <constant>domain</constant>.</para> - <para>This parameter can take three different values, which tell - <citerefentry><refentrytitle>smbd</refentrytitle> - <manvolnum>8</manvolnum></citerefentry> what to do with user - login requests that don't match a valid UNIX user in some way.</para> + <para>This parameter can take three different values, which tell + <citerefentry><refentrytitle>smbd</refentrytitle> + <manvolnum>8</manvolnum></citerefentry> what to do with user + login requests that don't match a valid UNIX user in some way.</para> - <para>The three settings are :</para> + <para>The three settings are :</para> - <itemizedlist> - <listitem><para><constant>Never</constant> - Means user login - requests with an invalid password are rejected. This is the - default.</para></listitem> + <itemizedlist> + <listitem> + <para><constant>Never</constant> - Means user login + requests with an invalid password are rejected. This is the + default.</para> + </listitem> - <listitem><para><constant>Bad User</constant> - Means user - logins with an invalid password are rejected, unless the username - does not exist, in which case it is treated as a guest login and - mapped into the <link linkend="GUESTACCOUNT"><parameter moreinfo="none"> - guest account</parameter></link>.</para></listitem> + <listitem> + <para><constant>Bad User</constant> - Means user + logins with an invalid password are rejected, unless the username + does not exist, in which case it is treated as a guest login and + mapped into the <link linkend="GUESTACCOUNT"><parameter moreinfo="none"> + guest account</parameter></link>.</para> + </listitem> - <listitem><para><constant>Bad Password</constant> - Means user logins - with an invalid password are treated as a guest login and mapped - into the <link linkend="GUESTACCOUNT">guest account</link>. Note that - this can cause problems as it means that any user incorrectly typing - their password will be silently logged on as "guest" - and - will not know the reason they cannot access files they think - they should - there will have been no message given to them - that they got their password wrong. Helpdesk services will - <emphasis>hate</emphasis> you if you set the <parameter moreinfo="none">map to - guest</parameter> parameter this way :-).</para></listitem> - </itemizedlist> + <listitem> + <para><constant>Bad Password</constant> - Means user logins + with an invalid password are treated as a guest login and mapped + into the <link linkend="GUESTACCOUNT">guest account</link>. Note that + this can cause problems as it means that any user incorrectly typing + their password will be silently logged on as "guest" - and + will not know the reason they cannot access files they think + they should - there will have been no message given to them + that they got their password wrong. Helpdesk services will + <emphasis>hate</emphasis> you if you set the <parameter moreinfo="none">map to + guest</parameter> parameter this way :-).</para> + </listitem> + </itemizedlist> - <para>Note that this parameter is needed to set up "Guest" - share services when using <parameter moreinfo="none">security</parameter> modes other than - share. This is because in these modes the name of the resource being - requested is <emphasis>not</emphasis> sent to the server until after - the server has successfully authenticated the client so the server - cannot make authentication decisions at the correct time (connection - to the share) for "Guest" shares.</para> + <para>Note that this parameter is needed to set up "Guest" + share services when using <parameter moreinfo="none">security</parameter> modes other than + share. This is because in these modes the name of the resource being + requested is <emphasis>not</emphasis> sent to the server until after + the server has successfully authenticated the client so the server + cannot make authentication decisions at the correct time (connection + to the share) for "Guest" shares.</para> - <para>For people familiar with the older Samba releases, this - parameter maps to the old compile-time setting of the <constant> - GUEST_SESSSETUP</constant> value in local.h.</para> + <para>For people familiar with the older Samba releases, this + parameter maps to the old compile-time setting of the <constant> + GUEST_SESSSETUP</constant> value in local.h.</para> - <para>Default: <command moreinfo="none">map to guest = Never</command></para> - <para>Example: <command moreinfo="none">map to guest = Bad User</command></para> - </listitem> - </samba:parameter> + <para>Default: <command moreinfo="none">map to guest = Never</command></para> + <para>Example: <command moreinfo="none">map to guest = Bad User</command></para> +</listitem> +</samba:parameter> |