summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/obeypamrestrictions.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/smbdotconf/security/obeypamrestrictions.xml')
-rw-r--r--docs/docbook/smbdotconf/security/obeypamrestrictions.xml19
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/obeypamrestrictions.xml b/docs/docbook/smbdotconf/security/obeypamrestrictions.xml
new file mode 100644
index 0000000000..42d6b5cc43
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/obeypamrestrictions.xml
@@ -0,0 +1,19 @@
+<samba:parameter name="obey pam restrictions"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>When Samba 3.0 is configured to enable PAM support
+ (i.e. --with-pam), this parameter will control whether or not Samba
+ should obey PAM's account and session management directives. The
+ default behavior is to use PAM for clear text authentication only
+ and to ignore any account or session management. Note that Samba
+ always ignores PAM for authentication in the case of <link linkend="ENCRYPTPASSWORDS">
+ <parameter moreinfo="none">encrypt passwords = yes</parameter></link>. The reason
+ is that PAM modules cannot support the challenge/response
+ authentication mechanism needed in the presence of SMB password encryption.
+ </para>
+
+ <para>Default: <command moreinfo="none">obey pam restrictions = no</command></para>
+</listitem>
+</samba:parameter>
generated by cgit (git 2.34.1) at 2024-08-10 05:56:41 +0000