summaryrefslogtreecommitdiff
path: root/docs/docbook
diff options
context:
space:
mode:
Diffstat (limited to 'docs/docbook')
-rw-r--r--docs/docbook/projdoc/ServerType.xml9
-rw-r--r--docs/docbook/projdoc/StandAloneServer.xml19
2 files changed, 10 insertions, 18 deletions
diff --git a/docs/docbook/projdoc/ServerType.xml b/docs/docbook/projdoc/ServerType.xml
index 8b567ca16f..73c7d05212 100644
--- a/docs/docbook/projdoc/ServerType.xml
+++ b/docs/docbook/projdoc/ServerType.xml
@@ -432,15 +432,6 @@ be determined from a domain name. In essence a samba server that is in
workgroup mode.
</para></note>
-<note><para>
-<emphasis>Server level</emphasis> security is incompatible with the newer security features
-in recent MS Windows networking protocols. In particular it is incompatible with NTLMv2.
-Server Mode security also breaks Sign and Seal interoperability because only a domain member
-can sign packets in the manner in which it is currently implemented in Samba-3.
-If you chose to use Server Mode security this means it is necessary to disable Sign and Seal
-on all workstations.
-</para></note>
-
<sect3>
<title>Example Configuration</title>
<para><emphasis>
diff --git a/docs/docbook/projdoc/StandAloneServer.xml b/docs/docbook/projdoc/StandAloneServer.xml
index 1246ff0f3a..4646755b50 100644
--- a/docs/docbook/projdoc/StandAloneServer.xml
+++ b/docs/docbook/projdoc/StandAloneServer.xml
@@ -5,7 +5,7 @@
<title>Stand-Alone Servers</title>
<para>
-Stand-Alone servers are independant of an Domain Controllers on the network.
+Stand-Alone servers are independant of Domain Controllers on the network.
They are NOT domain members and function more like workgroup servers. In many
cases a stand-alone server is configured with a minimum of security control
with the intent that all data served will be readilly accessible to all users.
@@ -42,11 +42,11 @@ a great solution.
<title>Background</title>
<para>
-The term <emphasis>stand alone server</emphasis> means that the server
+The term <emphasis>stand-alone server</emphasis> means that the server
will provide local authentication and access control for all resources
that are available from it. In general this means that there will be a
local user database. In more technical terms, it means that resources
-on the machine will either be made available in either SHARE mode or in
+on the machine will be made available in either SHARE mode or in
USER mode.
</para>
@@ -70,11 +70,11 @@ the samba server is NOT a member of a domain security context.
<para>
Through the use of PAM (Pluggable Authentication Modules) and nsswitch
(the name service switcher) the source of authentication may reside on
-another server. We would be inclined to call this the authentication server.
-This means that the samba server may use the local Unix/Linux system
-password database (/etc/passwd or /etc/shadow), may use a local smbpasswd
-file, or may use an LDAP back end, or even via PAM and Winbind another CIFS/SMB
-server for authentication.
+another server. We call this the authentication server. This means that
+the samba server may use the local Unix/Linux system password database
+(/etc/passwd or /etc/shadow), may use a local smbpasswd file, or may use
+an LDAP back end, or even via PAM and Winbind another CIFS/SMB server
+for authentication.
</para>
</sect1>
@@ -121,7 +121,8 @@ Put one here!
<title>Common Errors</title>
<para>
-Put stuff here.
+The greatest mistake so often made is to make a network configuration too complex.
+It pays to use the simplest solution that will meet the needs of the moment.
</para>
</sect1>