summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/updateencrypted.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook/smbdotconf/security/updateencrypted.xml')
-rw-r--r--docs/docbook/smbdotconf/security/updateencrypted.xml55
1 files changed, 30 insertions, 25 deletions
diff --git a/docs/docbook/smbdotconf/security/updateencrypted.xml b/docs/docbook/smbdotconf/security/updateencrypted.xml
index 45c66e0de2..76b37948d7 100644
--- a/docs/docbook/smbdotconf/security/updateencrypted.xml
+++ b/docs/docbook/smbdotconf/security/updateencrypted.xml
@@ -1,28 +1,33 @@
-<samba:parameter xmlns:samba="http://samba.org/common">
- <term><anchor id="UPDATEENCRYPTED"/>update encrypted (G)</term>
- <listitem><para>This boolean parameter allows a user logging
- on with a plaintext password to have their encrypted (hashed)
- password in the smbpasswd file to be updated automatically as
- they log on. This option allows a site to migrate from plaintext
- password authentication (users authenticate with plaintext
- password over the wire, and are checked against a UNIX account
- database) to encrypted password authentication (the SMB
- challenge/response authentication mechanism) without forcing
- all users to re-enter their passwords via smbpasswd at the time the
- change is made. This is a convenience option to allow the change over
- to encrypted passwords to be made over a longer period. Once all users
- have encrypted representations of their passwords in the smbpasswd
- file this parameter should be set to <constant>no</constant>.</para>
+<samba:parameter name="update encrypted"
+ context="G"
+ basic="1" advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
- <para>In order for this parameter to work correctly the <link linkend="ENCRYPTPASSWORDS"><parameter moreinfo="none">encrypt passwords</parameter>
- </link> parameter must be set to <constant>no</constant> when
- this parameter is set to <constant>yes</constant>.</para>
+ <para>This boolean parameter allows a user logging on with
+ a plaintext password to have their encrypted (hashed) password in
+ the smbpasswd file to be updated automatically as they log
+ on. This option allows a site to migrate from plaintext
+ password authentication (users authenticate with plaintext
+ password over the wire, and are checked against a UNIX account
+ database) to encrypted password authentication (the SMB
+ challenge/response authentication mechanism) without forcing all
+ users to re-enter their passwords via smbpasswd at the time the
+ change is made. This is a convenience option to allow the change
+ over to encrypted passwords to be made over a longer period.
+ Once all users have encrypted representations of their passwords
+ in the smbpasswd file this parameter should be set to
+ <constant>no</constant>.</para>
- <para>Note that even when this parameter is set a user
- authenticating to <command moreinfo="none">smbd</command> must still enter a valid
- password in order to connect correctly, and to update their hashed
- (smbpasswd) passwords.</para>
+ <para>In order for this parameter to work correctly the <link linkend="ENCRYPTPASSWORDS">
+ <parameter moreinfo="none">encrypt passwords</parameter></link> parameter must
+ be set to <constant>no</constant> when this parameter is set to <constant>yes</constant>.</para>
- <para>Default: <command moreinfo="none">update encrypted = no</command></para>
- </listitem>
- </samba:parameter>
+ <para>Note that even when this parameter is set a user
+ authenticating to <command moreinfo="none">smbd</command> must still enter a valid
+ password in order to connect correctly, and to update their hashed
+ (smbpasswd) passwords.</para>
+
+ <para>Default: <command moreinfo="none">update encrypted = no</command></para>
+</listitem>
+</samba:parameter>