summaryrefslogtreecommitdiff
path: root/docs/smbdotconf/security/authmethods.xml
diff options
context:
space:
mode:
Diffstat (limited to 'docs/smbdotconf/security/authmethods.xml')
-rw-r--r--docs/smbdotconf/security/authmethods.xml29
1 files changed, 29 insertions, 0 deletions
diff --git a/docs/smbdotconf/security/authmethods.xml b/docs/smbdotconf/security/authmethods.xml
new file mode 100644
index 0000000000..d518f9516d
--- /dev/null
+++ b/docs/smbdotconf/security/authmethods.xml
@@ -0,0 +1,29 @@
+<samba:parameter name="auth methods"
+ context="G"
+ type="list"
+ basic="1" advanced="1" wizard="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<description>
+ <para>This option allows the administrator to chose what
+ authentication methods <command moreinfo="none">smbd</command> will use when authenticating
+ a user. This option defaults to sensible values based on <link linkend="SECURITY">
+ <parameter moreinfo="none">security</parameter></link>. This should be considered
+ a developer option and used only in rare circumstances. In the majority (if not all)
+ of production servers, the default setting should be adequate.</para>
+
+ <para>Each entry in the list attempts to authenticate the user in turn, until
+ the user authenticates. In practice only one method will ever actually
+ be able to complete the authentication.
+ </para>
+
+ <para>Possible options include <constant>guest</constant> (anonymous access),
+ <constant>sam</constant> (lookups in local list of accounts based on netbios
+ name or domain name), <constant>winbind</constant> (relay authentication requests
+ for remote users through winbindd), <constant>ntdomain</constant> (pre-winbindd
+ method of authentication for remote domain users; deprecated in favour of winbind method),
+ <constant>trustdomain</constant> (authenticate trusted users by contacting the
+ remote DC directly from smbd; deprecated in favour of winbind method).</para>
+</description>
+<value type="default"/>
+<value type="example">guest sam winbind</value>
+</samba:parameter>