diff options
Diffstat (limited to 'docs/smbdotconf/security')
-rw-r--r-- | docs/smbdotconf/security/minpasswordlength.xml | 17 | ||||
-rw-r--r-- | docs/smbdotconf/security/usernamemap.xml | 7 | ||||
-rw-r--r-- | docs/smbdotconf/security/usernamemapscript.xml | 19 |
3 files changed, 26 insertions, 17 deletions
diff --git a/docs/smbdotconf/security/minpasswordlength.xml b/docs/smbdotconf/security/minpasswordlength.xml deleted file mode 100644 index 3009ffb3ea..0000000000 --- a/docs/smbdotconf/security/minpasswordlength.xml +++ /dev/null @@ -1,17 +0,0 @@ -<samba:parameter name="min password length" - context="G" - type="integer" - advanced="1" developer="1" - xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> -<synonym>min passwd length</synonym> -<description> - <para>This option sets the minimum length in characters of a - plaintext password that <command moreinfo="none">smbd</command> will - accept when performing UNIX password changing.</para> -</description> - -<related>unix password sync</related> -<related>passwd program</related> -<related>passwd char debug</related> -<value type="default">5</value> -</samba:parameter> diff --git a/docs/smbdotconf/security/usernamemap.xml b/docs/smbdotconf/security/usernamemap.xml index ef4291733e..7b939f6956 100644 --- a/docs/smbdotconf/security/usernamemap.xml +++ b/docs/smbdotconf/security/usernamemap.xml @@ -10,6 +10,13 @@ that users use on DOS or Windows machines to those that the UNIX box uses. The other is to map multiple users to a single username so that they can more easily share files.</para> + + <para>Please note that for user or share mode security, the + username map is applied prior to validating the user credentials. + Domain member servers (domain or ads) apply the username map + after the user has been successfully authenticated by the domain + controller and require fully qualified enties in the map table + (e.g. biddle = DOMAIN\foo).</para> <para>The map file is parsed line by line. Each line should contain a single UNIX username on the left then a '=' followed diff --git a/docs/smbdotconf/security/usernamemapscript.xml b/docs/smbdotconf/security/usernamemapscript.xml new file mode 100644 index 0000000000..6df134c257 --- /dev/null +++ b/docs/smbdotconf/security/usernamemapscript.xml @@ -0,0 +1,19 @@ +<samba:parameter name="username map script" + context="G" + type="string" + advanced="1" developer="1" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This script is a mutually exclusive alternative to the + <smbconfoption name="username map"/> parameter. This parameter + specifies and external program or script that must accept a single + command line option (the username transmitted in the authentication + request) and return a line line on standard output (the name to which + the account should mapped). In this way, it is possible to store + username map tables in an LDAP or NIS directory services. + </para> +</description> + +<value type="default"/> +<value type="example">/etc/samba/scripts/mapusers.sh</value> +</samba:parameter> |