diff options
Diffstat (limited to 'docs/htmldocs/smbpasswd.5.html')
| -rw-r--r-- | docs/htmldocs/smbpasswd.5.html | 87 |
1 files changed, 23 insertions, 64 deletions
diff --git a/docs/htmldocs/smbpasswd.5.html b/docs/htmldocs/smbpasswd.5.html index 04fab30ed6..1f862b6611 100644 --- a/docs/htmldocs/smbpasswd.5.html +++ b/docs/htmldocs/smbpasswd.5.html @@ -1,11 +1,10 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <HTML ><HEAD ><TITLE >smbpasswd</TITLE ><META NAME="GENERATOR" -CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD +CONTENT="Modular DocBook HTML Stylesheet Version 1.57"></HEAD ><BODY CLASS="REFENTRY" BGCOLOR="#FFFFFF" @@ -16,8 +15,8 @@ ALINK="#0000FF" ><H1 ><A NAME="SMBPASSWD" -></A ->smbpasswd</H1 +>smbpasswd</A +></H1 ><DIV CLASS="REFNAMEDIV" ><A @@ -119,29 +118,17 @@ CLASS="CONSTANT" > and the user will not be able to log onto the Samba server. </P ><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->WARNING !!</I -></SPAN +><EM +>WARNING !!</EM > Note that, due to the challenge-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this password hash will be able to impersonate the user on the network. For this - reason these hashes are known as <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" + reason these hashes are known as <EM >plain text - equivalents</I -></SPAN -> and must <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->NOT</I -></SPAN + equivalents</EM +> and must <EM +>NOT</EM > be made available to anyone but the root user. To protect these passwords the smbpasswd file is placed in a directory with read and @@ -166,29 +153,17 @@ CLASS="EMPHASIS" password this entry will be identical (i.e. the password is not "salted" as the UNIX password is). </P ><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->WARNING !!</I -></SPAN +><EM +>WARNING !!</EM >. Note that, due to the challenge-response nature of the SMB/CIFS authentication protocol, anyone with a knowledge of this password hash will be able to impersonate the user on the network. For this - reason these hashes are known as <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" + reason these hashes are known as <EM >plain text - equivalents</I -></SPAN -> and must <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->NOT</I -></SPAN + equivalents</EM +> and must <EM +>NOT</EM > be made available to anyone but the root user. To protect these passwords the smbpasswd file is placed in a directory with read and @@ -211,12 +186,8 @@ CLASS="EMPHASIS" ><UL ><LI ><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->U</I -></SPAN +><EM +>U</EM > - This means this is a "User" account, i.e. an ordinary user. Only User and Workstation Trust accounts are currently supported @@ -224,12 +195,8 @@ CLASS="EMPHASIS" ></LI ><LI ><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->N</I -></SPAN +><EM +>N</EM > - This means the account has no password (the passwords in the fields LANMAN Password Hash and NT Password Hash are ignored). Note that this @@ -250,24 +217,16 @@ CLASS="FILENAME" ></LI ><LI ><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->D</I -></SPAN +><EM +>D</EM > - This means the account is disabled and no SMB/CIFS logins will be allowed for this user. </P ></LI ><LI ><P -><SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->W</I -></SPAN +><EM +>W</EM > - This means this account is a "Workstation Trust" account. This kind of account is used in the Samba PDC code stream to allow Windows NT Workstations |