diff options
Diffstat (limited to 'docs/smbdotconf/security/obeypamrestrictions.xml')
| -rw-r--r-- | docs/smbdotconf/security/obeypamrestrictions.xml | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/docs/smbdotconf/security/obeypamrestrictions.xml b/docs/smbdotconf/security/obeypamrestrictions.xml new file mode 100644 index 0000000000..2643d3f099 --- /dev/null +++ b/docs/smbdotconf/security/obeypamrestrictions.xml @@ -0,0 +1,20 @@ +<samba:parameter name="obey pam restrictions" + context="G" + type="boolean" + advanced="1" developer="1" + xmlns:samba="http://samba.org/common"> +<description> + <para>When Samba 3.0 is configured to enable PAM support + (i.e. --with-pam), this parameter will control whether or not Samba + should obey PAM's account and session management directives. The + default behavior is to use PAM for clear text authentication only + and to ignore any account or session management. Note that Samba + always ignores PAM for authentication in the case of <link linkend="ENCRYPTPASSWORDS"> + <parameter moreinfo="none">encrypt passwords = yes</parameter></link>. The reason + is that PAM modules cannot support the challenge/response + authentication mechanism needed in the presence of SMB password encryption. +</para> +</description> + +<value type="default">no</value> +</samba:parameter> |