summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/passwordlevel.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/smbdotconf/security/passwordlevel.xml')
-rw-r--r--docs/docbook/smbdotconf/security/passwordlevel.xml40
1 files changed, 40 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/security/passwordlevel.xml b/docs/docbook/smbdotconf/security/passwordlevel.xml
new file mode 100644
index 0000000000..408082f838
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/passwordlevel.xml
@@ -0,0 +1,40 @@
+<samba:parameter xmlns:samba="http://samba.org/common">
+ <term><anchor id="PASSWORDLEVEL"/>password level (G)</term>
+ <listitem><para>Some client/server combinations have difficulty
+ with mixed-case passwords. One offending client is Windows for
+ Workgroups, which for some reason forces passwords to upper
+ case when using the LANMAN1 protocol, but leaves them alone when
+ using COREPLUS! Another problem child is the Windows 95/98
+ family of operating systems. These clients upper case clear
+ text passwords even when NT LM 0.12 selected by the protocol
+ negotiation request/response.</para>
+
+ <para>This parameter defines the maximum number of characters
+ that may be upper case in passwords.</para>
+
+ <para>For example, say the password given was &quot;FRED&quot;. If <parameter moreinfo="none">
+ password level</parameter> is set to 1, the following combinations
+ would be tried if &quot;FRED&quot; failed:</para>
+
+ <para>&quot;Fred&quot;, &quot;fred&quot;, &quot;fRed&quot;, &quot;frEd&quot;,&quot;freD&quot;</para>
+
+ <para>If <parameter moreinfo="none">password level</parameter> was set to 2,
+ the following combinations would also be tried: </para>
+
+ <para>&quot;FRed&quot;, &quot;FrEd&quot;, &quot;FreD&quot;, &quot;fREd&quot;, &quot;fReD&quot;, &quot;frED&quot;, ..</para>
+
+ <para>And so on.</para>
+
+ <para>The higher value this parameter is set to the more likely
+ it is that a mixed case password will be matched against a single
+ case password. However, you should be aware that use of this
+ parameter reduces security and increases the time taken to
+ process a new connection.</para>
+
+ <para>A value of zero will cause only two attempts to be
+ made - the password as is and the password in all-lower case.</para>
+
+ <para>Default: <command moreinfo="none">password level = 0</command></para>
+ <para>Example: <command moreinfo="none">password level = 4</command></para>
+ </listitem>
+ </samba:parameter>