summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/docbook/smbdotconf/filename/vetofiles.xml49
-rw-r--r--docs/docbook/smbdotconf/generate-context.xsl55
-rw-r--r--docs/docbook/smbdotconf/misc/addsharecommand.xml63
-rw-r--r--docs/docbook/smbdotconf/misc/autoservices.xml9
-rw-r--r--docs/docbook/smbdotconf/misc/available.xml13
-rw-r--r--docs/docbook/smbdotconf/misc/changesharecommand.xml62
-rw-r--r--docs/docbook/smbdotconf/misc/configfile.xml24
-rw-r--r--docs/docbook/smbdotconf/misc/copy.xml20
-rw-r--r--docs/docbook/smbdotconf/misc/default.xml9
-rw-r--r--docs/docbook/smbdotconf/misc/defaultservice.xml38
-rw-r--r--docs/docbook/smbdotconf/misc/deletereadonly.xml14
-rw-r--r--docs/docbook/smbdotconf/misc/deletesharecommand.xml51
-rw-r--r--docs/docbook/smbdotconf/misc/dfreecommand.xml52
-rw-r--r--docs/docbook/smbdotconf/misc/dontdescend.xml21
-rw-r--r--docs/docbook/smbdotconf/misc/dosfilemode.xml18
-rw-r--r--docs/docbook/smbdotconf/misc/dosfiletimeresolution.xml25
-rw-r--r--docs/docbook/smbdotconf/misc/dosfiletimes.xml17
-rw-r--r--docs/docbook/smbdotconf/misc/exec.xml9
-rw-r--r--docs/docbook/smbdotconf/misc/fakedirectorycreatetimes.xml33
-rw-r--r--docs/docbook/smbdotconf/misc/followsymlinks.xml21
-rw-r--r--docs/docbook/smbdotconf/misc/fstype.xml18
-rw-r--r--docs/docbook/smbdotconf/misc/hidelocalusers.xml11
-rw-r--r--docs/docbook/smbdotconf/misc/homedirmap.xml32
-rw-r--r--docs/docbook/smbdotconf/misc/include.xml18
-rw-r--r--docs/docbook/smbdotconf/misc/lockdir.xml9
-rw-r--r--docs/docbook/smbdotconf/misc/lockdirectory.xml15
-rw-r--r--docs/docbook/smbdotconf/misc/magicoutput.xml18
-rw-r--r--docs/docbook/smbdotconf/misc/magicscript.xml31
-rw-r--r--docs/docbook/smbdotconf/misc/messagecommand.xml73
-rw-r--r--docs/docbook/smbdotconf/misc/nishomedir.xml33
-rw-r--r--docs/docbook/smbdotconf/misc/panicaction.xml16
-rw-r--r--docs/docbook/smbdotconf/misc/piddirectory.xml13
-rw-r--r--docs/docbook/smbdotconf/misc/postexec.xml22
-rw-r--r--docs/docbook/smbdotconf/misc/preexec.xml25
-rw-r--r--docs/docbook/smbdotconf/misc/preexecclose.xml12
-rw-r--r--docs/docbook/smbdotconf/misc/preload.xml19
-rw-r--r--docs/docbook/smbdotconf/misc/remoteannounce.xml35
-rw-r--r--docs/docbook/smbdotconf/misc/remotebrowsesync.xml35
-rw-r--r--docs/docbook/smbdotconf/misc/rootpostexec.xml16
-rw-r--r--docs/docbook/smbdotconf/misc/rootpreexec.xml17
-rw-r--r--docs/docbook/smbdotconf/misc/rootpreexecclose.xml15
-rw-r--r--docs/docbook/smbdotconf/misc/setdirectory.xml15
-rw-r--r--docs/docbook/smbdotconf/misc/socketaddress.xml16
-rw-r--r--docs/docbook/smbdotconf/misc/sourceenvironment.xml27
-rw-r--r--docs/docbook/smbdotconf/misc/timeoffset.xml15
-rw-r--r--docs/docbook/smbdotconf/misc/utmp.xml24
-rw-r--r--docs/docbook/smbdotconf/misc/utmpdirectory.xml20
-rw-r--r--docs/docbook/smbdotconf/misc/volume.xml11
-rw-r--r--docs/docbook/smbdotconf/misc/widelinks.xml17
-rw-r--r--docs/docbook/smbdotconf/misc/wtmpdirectory.xml24
-rw-r--r--docs/docbook/smbdotconf/printing/lpqcachetime.xml29
-rw-r--r--docs/docbook/smbdotconf/printing/printcapname.xml52
-rw-r--r--docs/docbook/smbdotconf/printing/useclientdriver.xml40
-rw-r--r--docs/docbook/smbdotconf/security/createmask.xml45
-rw-r--r--docs/docbook/smbdotconf/security/minpasswordlength.xml17
-rw-r--r--docs/docbook/smbdotconf/security/preloadmodules.xml18
-rw-r--r--docs/docbook/smbdotconf/smb.conf.5.xml685
57 files changed, 2141 insertions, 0 deletions
diff --git a/docs/docbook/smbdotconf/filename/vetofiles.xml b/docs/docbook/smbdotconf/filename/vetofiles.xml
new file mode 100644
index 0000000000..567286580d
--- /dev/null
+++ b/docs/docbook/smbdotconf/filename/vetofiles.xml
@@ -0,0 +1,49 @@
+<samba:parameter name="veto files"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is a list of files and directories that
+ are neither visible nor accessible. Each entry in the list must
+ be separated by a '/', which allows spaces to be included
+ in the entry. '*' and '?' can be used to specify multiple files
+ or directories as in DOS wildcards.</para>
+
+ <para>Each entry must be a unix path, not a DOS path and
+ must <emphasis>not</emphasis> include the unix directory
+ separator '/'.</para>
+
+ <para>Note that the <parameter moreinfo="none">case sensitive</parameter> option
+ is applicable in vetoing files.</para>
+
+ <para>One feature of the veto files parameter that it
+ is important to be aware of is Samba's behaviour when
+ trying to delete a directory. If a directory that is
+ to be deleted contains nothing but veto files this
+ deletion will <emphasis>fail</emphasis> unless you also set
+ the <parameter moreinfo="none">delete veto files</parameter> parameter to
+ <parameter moreinfo="none">yes</parameter>.</para>
+
+ <para>Setting this parameter will affect the performance
+ of Samba, as it will be forced to check all files and directories
+ for a match as they are scanned.</para>
+
+ <para>See also <link linkend="HIDEFILES"><parameter moreinfo="none">hide files
+ </parameter></link> and <link linkend="CASESENSITIVE"><parameter moreinfo="none">
+ case sensitive</parameter></link>.</para>
+
+ <para>Default: <emphasis>No files or directories are vetoed.
+ </emphasis></para>
+
+ <para>Examples:
+<programlisting format="linespecific">
+; Veto any files containing the word Security,
+; any ending in .tmp, and any directory containing the
+; word root.
+veto files = /*Security*/*.tmp/*root*/
+
+; Veto the Apple specific files that a NetAtalk server
+; creates.
+veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
+</programlisting></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/generate-context.xsl b/docs/docbook/smbdotconf/generate-context.xsl
new file mode 100644
index 0000000000..13fb216700
--- /dev/null
+++ b/docs/docbook/smbdotconf/generate-context.xsl
@@ -0,0 +1,55 @@
+<?xml version='1.0'?>
+<!-- vim:set sts=2 shiftwidth=2 syntax=xml: -->
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:exsl="http://exslt.org/common"
+ xmlns:samba="http://samba.org/common"
+ version="1.1"
+ extension-element-prefixes="exsl">
+
+<xsl:output method="xml" omit-xml-declaration="yes"/>
+
+<xsl:param name="smb.context" select="'G'"/>
+
+<!-- This is needed to copy content unchanged -->
+<xsl:template match="@*|node()">
+ <xsl:copy>
+ <xsl:apply-templates select="@*|node()"/>
+ </xsl:copy>
+</xsl:template>
+
+<xsl:template match="variablelist">
+ <xsl:element name="itemizedlist">
+ <xsl:apply-templates/>
+ </xsl:element>
+</xsl:template>
+
+<xsl:template match="//samba:parameter">
+ <xsl:message>
+ <xsl:text>Processing samba:parameter (</xsl:text>
+ <xsl:value-of select="@name"/>
+ <xsl:text>)</xsl:text>
+ </xsl:message>
+
+ <xsl:variable name="name"><xsl:value-of select="translate(translate(string(@name),' ',''),
+ 'abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ')"/>
+ </xsl:variable>
+
+ <xsl:if test="contains(@context,$smb.context)">
+ <xsl:element name="listitem">
+ <xsl:element name="para">
+ <xsl:element name="link">
+ <xsl:attribute name="linkend">
+ <xsl:value-of select="$name"/>
+ </xsl:attribute>
+ <xsl:element name="parameter">
+ <xsl:attribute name="moreinfo"><xsl:text>none</xsl:text></xsl:attribute>
+ <xsl:value-of select="@name"/>
+ </xsl:element>
+ </xsl:element>
+ </xsl:element>
+ </xsl:element>
+ <xsl:text>&#10;</xsl:text>
+ </xsl:if>
+</xsl:template>
+
+</xsl:stylesheet>
diff --git a/docs/docbook/smbdotconf/misc/addsharecommand.xml b/docs/docbook/smbdotconf/misc/addsharecommand.xml
new file mode 100644
index 0000000000..bd5f2101db
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/addsharecommand.xml
@@ -0,0 +1,63 @@
+<samba:parameter name="add share command"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Samba 2.2.0 introduced the ability to dynamically
+ add and delete shares via the Windows NT 4.0 Server Manager. The
+ <parameter moreinfo="none">add share command</parameter> is used to define an
+ external program or script which will add a new service definition
+ to <filename moreinfo="none">smb.conf</filename>. In order to successfully
+ execute the <parameter moreinfo="none">add share command</parameter>, <command moreinfo="none">smbd</command>
+ requires that the administrator be connected using a root account (i.e.
+ uid == 0).
+ </para>
+
+ <para>
+ When executed, <command moreinfo="none">smbd</command> will automatically invoke the
+ <parameter moreinfo="none">add share command</parameter> with four parameters.
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para><parameter moreinfo="none">configFile</parameter> - the location
+ of the global <filename moreinfo="none">smb.conf</filename> file.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">shareName</parameter> - the name of the new
+ share.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">pathName</parameter> - path to an **existing**
+ directory on disk.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">comment</parameter> - comment string to associate
+ with the new share.
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ This parameter is only used for add file shares. To add printer shares,
+ see the <link linkend="ADDPRINTERCOMMAND"><parameter moreinfo="none">addprinter
+ command</parameter></link>.
+ </para>
+
+ <para>
+ See also <link linkend="CHANGESHARECOMMAND"><parameter moreinfo="none">change share
+ command</parameter></link>, <link linkend="DELETESHARECOMMAND"><parameter moreinfo="none">delete share
+ command</parameter></link>.
+ </para>
+
+ <para>Default: <emphasis>none</emphasis></para>
+
+ <para>Example: <command moreinfo="none">add share command = /usr/local/bin/addshare</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/autoservices.xml b/docs/docbook/smbdotconf/misc/autoservices.xml
new file mode 100644
index 0000000000..d94997a6ce
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/autoservices.xml
@@ -0,0 +1,9 @@
+<samba:parameter name="auto services"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is a synonym for the <link linkend="PRELOAD">
+ <parameter moreinfo="none">preload</parameter></link>.</para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/available.xml b/docs/docbook/smbdotconf/misc/available.xml
new file mode 100644
index 0000000000..20931b3063
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/available.xml
@@ -0,0 +1,13 @@
+<samba:parameter name="available"
+ context="S"
+ basic="1" advanced="1" print="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter lets you &quot;turn off&quot; a service. If
+ <parameter moreinfo="none">available = no</parameter>, then <emphasis>ALL</emphasis>
+ attempts to connect to the service will fail. Such failures are
+ logged.</para>
+
+ <para>Default: <command moreinfo="none">available = yes</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/changesharecommand.xml b/docs/docbook/smbdotconf/misc/changesharecommand.xml
new file mode 100644
index 0000000000..d0116594c0
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/changesharecommand.xml
@@ -0,0 +1,62 @@
+<samba:parameter name="change share command"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Samba 2.2.0 introduced the ability to dynamically
+ add and delete shares via the Windows NT 4.0 Server Manager. The
+ <parameter moreinfo="none">change share command</parameter> is used to define an
+ external program or script which will modify an existing service definition
+ in <filename moreinfo="none">smb.conf</filename>. In order to successfully
+ execute the <parameter moreinfo="none">change share command</parameter>, <command moreinfo="none">smbd</command>
+ requires that the administrator be connected using a root account (i.e.
+ uid == 0).
+ </para>
+
+ <para>
+ When executed, <command moreinfo="none">smbd</command> will automatically invoke the
+ <parameter moreinfo="none">change share command</parameter> with four parameters.
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para><parameter moreinfo="none">configFile</parameter> - the location
+ of the global <filename moreinfo="none">smb.conf</filename> file.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">shareName</parameter> - the name of the new
+ share.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">pathName</parameter> - path to an **existing**
+ directory on disk.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">comment</parameter> - comment string to associate
+ with the new share.
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ This parameter is only used modify existing file shares definitions. To modify
+ printer shares, use the &quot;Printers...&quot; folder as seen when browsing the Samba host.
+ </para>
+
+ <para>
+ See also <link linkend="ADDSHARECOMMAND"><parameter moreinfo="none">add share
+ command</parameter></link>, <link linkend="DELETESHARECOMMAND"><parameter moreinfo="none">delete
+ share command</parameter></link>.
+ </para>
+
+ <para>Default: <emphasis>none</emphasis></para>
+
+ <para>Example: <command moreinfo="none">change share command = /usr/local/bin/addshare</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/configfile.xml b/docs/docbook/smbdotconf/misc/configfile.xml
new file mode 100644
index 0000000000..855b6460fe
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/configfile.xml
@@ -0,0 +1,24 @@
+<samba:parameter name="config file"
+ context="G"
+ hide="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This allows you to override the config file
+ to use, instead of the default (usually <filename moreinfo="none">smb.conf</filename>).
+ There is a chicken and egg problem here as this option is set
+ in the config file!</para>
+
+ <para>For this reason, if the name of the config file has changed
+ when the parameters are loaded then it will reload them from
+ the new config file.</para>
+
+ <para>This option takes the usual substitutions, which can
+ be very useful.</para>
+
+ <para>If the config file doesn't exist then it won't be loaded
+ (allowing you to special case the config files of just a few
+ clients).</para>
+
+ <para>Example: <command moreinfo="none">config file = /usr/local/samba/lib/smb.conf.%m</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/copy.xml b/docs/docbook/smbdotconf/misc/copy.xml
new file mode 100644
index 0000000000..c3152956b0
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/copy.xml
@@ -0,0 +1,20 @@
+<samba:parameter name="copy"
+ context="S"
+ hide="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter allows you to &quot;clone&quot; service
+ entries. The specified service is simply duplicated under the
+ current service's name. Any parameters specified in the current
+ section will override those in the section being copied.</para>
+
+ <para>This feature lets you set up a 'template' service and
+ create similar services easily. Note that the service being
+ copied must occur earlier in the configuration file than the
+ service doing the copying.</para>
+
+ <para>Default: <emphasis>no value</emphasis></para>
+
+ <para>Example: <command moreinfo="none">copy = otherservice</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/default.xml b/docs/docbook/smbdotconf/misc/default.xml
new file mode 100644
index 0000000000..fce58dc40b
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/default.xml
@@ -0,0 +1,9 @@
+<samba:parameter name="default"
+ context="G"
+ developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>A synonym for <link linkend="DEFAULTSERVICE"><parameter moreinfo="none">
+ default service</parameter></link>.</para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/defaultservice.xml b/docs/docbook/smbdotconf/misc/defaultservice.xml
new file mode 100644
index 0000000000..39e467b1d1
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/defaultservice.xml
@@ -0,0 +1,38 @@
+<samba:parameter name="default service"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter specifies the name of a service
+ which will be connected to if the service actually requested cannot
+ be found. Note that the square brackets are <emphasis>NOT</emphasis>
+ given in the parameter value (see example below).</para>
+
+ <para>There is no default value for this parameter. If this
+ parameter is not given, attempting to connect to a nonexistent
+ service results in an error.</para>
+
+ <para>Typically the default service would be a <link linkend="GUESTOK">
+ <parameter moreinfo="none">guest ok</parameter></link>, <link linkend="READONLY">
+ <parameter moreinfo="none">read-only</parameter></link> service.</para>
+
+ <para>Also note that the apparent service name will be changed
+ to equal that of the requested service, this is very useful as it
+ allows you to use macros like <parameter moreinfo="none">%S</parameter> to make
+ a wildcard service.</para>
+
+ <para>Note also that any &quot;_&quot; characters in the name of the service
+ used in the default service will get mapped to a &quot;/&quot;. This allows for
+ interesting things.</para>
+
+ <para>Example:</para>
+
+<para><programlisting format="linespecific">
+[global]
+ default service = pub
+
+[pub]
+ path = /%S
+</programlisting></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/deletereadonly.xml b/docs/docbook/smbdotconf/misc/deletereadonly.xml
new file mode 100644
index 0000000000..cfffceedcb
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/deletereadonly.xml
@@ -0,0 +1,14 @@
+<samba:parameter name="delete readonly"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter allows readonly files to be deleted.
+ This is not normal DOS semantics, but is allowed by UNIX.</para>
+
+ <para>This option may be useful for running applications such
+ as rcs, where UNIX file ownership prevents changing file
+ permissions, and DOS semantics prevent deletion of a read only file.</para>
+
+ <para>Default: <command moreinfo="none">delete readonly = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/deletesharecommand.xml b/docs/docbook/smbdotconf/misc/deletesharecommand.xml
new file mode 100644
index 0000000000..cf60b27752
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/deletesharecommand.xml
@@ -0,0 +1,51 @@
+<samba:parameter name="delete share command"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Samba 2.2.0 introduced the ability to dynamically
+ add and delete shares via the Windows NT 4.0 Server Manager. The
+ <parameter moreinfo="none">delete share command</parameter> is used to define an
+ external program or script which will remove an existing service
+ definition from <filename moreinfo="none">smb.conf</filename>. In order to successfully
+ execute the <parameter moreinfo="none">delete share command</parameter>, <command moreinfo="none">smbd</command>
+ requires that the administrator be connected using a root account (i.e.
+ uid == 0).
+ </para>
+
+ <para>
+ When executed, <command moreinfo="none">smbd</command> will automatically invoke the
+ <parameter moreinfo="none">delete share command</parameter> with two parameters.
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para><parameter moreinfo="none">configFile</parameter> - the location
+ of the global <filename moreinfo="none">smb.conf</filename> file.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">shareName</parameter> - the name of
+ the existing service.
+ </para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
+ This parameter is only used to remove file shares. To delete printer shares,
+ see the <link linkend="DELETEPRINTERCOMMAND"><parameter moreinfo="none">deleteprinter
+ command</parameter></link>.
+ </para>
+
+ <para>
+ See also <link linkend="ADDSHARECOMMAND"><parameter moreinfo="none">add share
+ command</parameter></link>, <link linkend="CHANGESHARECOMMAND"><parameter moreinfo="none">change
+ share command</parameter></link>.
+ </para>
+
+ <para>Default: <emphasis>none</emphasis></para>
+
+ <para>Example: <command moreinfo="none">delete share command = /usr/local/bin/delshare</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/dfreecommand.xml b/docs/docbook/smbdotconf/misc/dfreecommand.xml
new file mode 100644
index 0000000000..1e839a5242
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/dfreecommand.xml
@@ -0,0 +1,52 @@
+<samba:parameter name="dfree command"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+
+ <para>The <parameter moreinfo="none">dfree command</parameter> setting
+ should only be used on systems where a problem occurs with the
+ internal disk space calculations. This has been known to happen
+ with Ultrix, but may occur with other operating systems. The
+ symptom that was seen was an error of &quot;Abort Retry
+ Ignore&quot; at the end of each directory listing.</para>
+
+ <para>This setting allows the replacement of the internal routines to
+ calculate the total disk space and amount available with an external
+ routine. The example below gives a possible script that might fulfill
+ this function.</para>
+
+ <para>The external program will be passed a single parameter indicating
+ a directory in the filesystem being queried. This will typically consist
+ of the string <filename moreinfo="none">./</filename>. The script should return two
+ integers in ASCII. The first should be the total disk space in blocks,
+ and the second should be the number of available blocks. An optional
+ third return value can give the block size in bytes. The default
+ blocksize is 1024 bytes.</para>
+
+ <para>Note: Your script should <emphasis>NOT</emphasis> be setuid or
+ setgid and should be owned by (and writeable only by) root!</para>
+
+ <para>Default: <emphasis>By default internal routines for
+ determining the disk capacity and remaining space will be used.
+ </emphasis></para>
+
+ <para>Example: <command moreinfo="none">dfree command = /usr/local/samba/bin/dfree</command></para>
+
+ <para>Where the script dfree (which must be made executable) could be:</para>
+
+<para><programlisting format="linespecific">
+#!/bin/sh
+df $1 | tail -1 | awk '{print $2&quot; &quot;$4}'
+</programlisting></para>
+
+ <para>or perhaps (on Sys V based systems):</para>
+
+<para><programlisting format="linespecific">
+#!/bin/sh
+/usr/bin/df -k $1 | tail -1 | awk '{print $3&quot; &quot;$5}'
+</programlisting></para>
+
+ <para>Note that you may have to replace the command names with full path names on some systems.</para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/dontdescend.xml b/docs/docbook/smbdotconf/misc/dontdescend.xml
new file mode 100644
index 0000000000..d3e9fb2d5c
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/dontdescend.xml
@@ -0,0 +1,21 @@
+<samba:parameter name="dont descend"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>There are certain directories on some systems
+ (e.g., the <filename moreinfo="none">/proc</filename> tree under Linux) that are either not
+ of interest to clients or are infinitely deep (recursive). This
+ parameter allows you to specify a comma-delimited list of directories
+ that the server should always show as empty.</para>
+
+ <para>Note that Samba can be very fussy about the exact format
+ of the &quot;dont descend&quot; entries. For example you may need <filename moreinfo="none">
+ ./proc</filename> instead of just <filename moreinfo="none">/proc</filename>.
+ Experimentation is the best policy :-) </para>
+
+ <para>Default: <emphasis>none (i.e., all directories are OK
+ to descend)</emphasis></para>
+
+ <para>Example: <command moreinfo="none">dont descend = /proc,/dev</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/dosfilemode.xml b/docs/docbook/smbdotconf/misc/dosfilemode.xml
new file mode 100644
index 0000000000..2628dc45b0
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/dosfilemode.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="dos filemode"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para> The default behavior in Samba is to provide
+ UNIX-like behavior where only the owner of a file/directory is
+ able to change the permissions on it. However, this behavior
+ is often confusing to DOS/Windows users. Enabling this parameter
+ allows a user who has write access to the file (by whatever
+ means) to modify the permissions on it. Note that a user
+ belonging to the group owning the file will not be allowed to
+ change permissions if the group is only granted read access.
+ Ownership of the file/directory is not changed, only the permissions
+ are modified.</para>
+
+ <para>Default: <command moreinfo="none">dos filemode = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/dosfiletimeresolution.xml b/docs/docbook/smbdotconf/misc/dosfiletimeresolution.xml
new file mode 100644
index 0000000000..600294d442
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/dosfiletimeresolution.xml
@@ -0,0 +1,25 @@
+<samba:parameter name="dos filetime resolution"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Under the DOS and Windows FAT filesystem, the finest
+ granularity on time resolution is two seconds. Setting this parameter
+ for a share causes Samba to round the reported time down to the
+ nearest two second boundary when a query call that requires one second
+ resolution is made to <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <para>This option is mainly used as a compatibility option for Visual
+ C++ when used against Samba shares. If oplocks are enabled on a
+ share, Visual C++ uses two different time reading calls to check if a
+ file has changed since it was last read. One of these calls uses a
+ one-second granularity, the other uses a two second granularity. As
+ the two second call rounds any odd second down, then if the file has a
+ timestamp of an odd number of seconds then the two timestamps will not
+ match and Visual C++ will keep reporting the file has changed. Setting
+ this option causes the two timestamps to match, and Visual C++ is
+ happy.</para>
+
+ <para>Default: <command moreinfo="none">dos filetime resolution = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/dosfiletimes.xml b/docs/docbook/smbdotconf/misc/dosfiletimes.xml
new file mode 100644
index 0000000000..a201d2d832
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/dosfiletimes.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="dos filetimes"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Under DOS and Windows, if a user can write to a
+ file they can change the timestamp on it. Under POSIX semantics,
+ only the owner of the file or root may change the timestamp. By
+ default, Samba runs with POSIX semantics and refuses to change the
+ timestamp on a file if the user <command moreinfo="none">smbd</command> is acting
+ on behalf of is not the file owner. Setting this option to <constant>
+ yes</constant> allows DOS semantics and <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> will change the file
+ timestamp as DOS requires.</para>
+
+ <para>Default: <command moreinfo="none">dos filetimes = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/exec.xml b/docs/docbook/smbdotconf/misc/exec.xml
new file mode 100644
index 0000000000..0d44d81bff
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/exec.xml
@@ -0,0 +1,9 @@
+<samba:parameter name="exec"
+ context="S"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is a synonym for <link linkend="PREEXEC">
+ <parameter moreinfo="none">preexec</parameter></link>.</para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/fakedirectorycreatetimes.xml b/docs/docbook/smbdotconf/misc/fakedirectorycreatetimes.xml
new file mode 100644
index 0000000000..f0a0d39230
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/fakedirectorycreatetimes.xml
@@ -0,0 +1,33 @@
+<samba:parameter name="fake directory create times"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>NTFS and Windows VFAT file systems keep a create
+ time for all files and directories. This is not the same as the
+ ctime - status change time - that Unix keeps, so Samba by default
+ reports the earliest of the various times Unix does keep. Setting
+ this parameter for a share causes Samba to always report midnight
+ 1-1-1980 as the create time for directories.</para>
+
+ <para>This option is mainly used as a compatibility option for
+ Visual C++ when used against Samba shares. Visual C++ generated
+ makefiles have the object directory as a dependency for each object
+ file, and a make rule to create the directory. Also, when NMAKE
+ compares timestamps it uses the creation time when examining a
+ directory. Thus the object directory will be created if it does not
+ exist, but once it does exist it will always have an earlier
+ timestamp than the object files it contains.</para>
+
+ <para>However, Unix time semantics mean that the create time
+ reported by Samba will be updated whenever a file is created or
+ or deleted in the directory. NMAKE finds all object files in
+ the object directory. The timestamp of the last one built is then
+ compared to the timestamp of the object directory. If the
+ directory's timestamp if newer, then all object files
+ will be rebuilt. Enabling this option
+ ensures directories always predate their contents and an NMAKE build
+ will proceed as expected.</para>
+
+ <para>Default: <command moreinfo="none">fake directory create times = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/followsymlinks.xml b/docs/docbook/smbdotconf/misc/followsymlinks.xml
new file mode 100644
index 0000000000..1b22eb9e64
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/followsymlinks.xml
@@ -0,0 +1,21 @@
+<samba:parameter name="follow symlinks"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter allows the Samba administrator
+ to stop <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> from following symbolic
+ links in a particular share. Setting this
+ parameter to <constant>no</constant> prevents any file or directory
+ that is a symbolic link from being followed (the user will get an
+ error). This option is very useful to stop users from adding a
+ symbolic link to <filename moreinfo="none">/etc/passwd</filename> in their home
+ directory for instance. However it will slow filename lookups
+ down slightly.</para>
+
+ <para>This option is enabled (i.e. <command moreinfo="none">smbd</command> will
+ follow symbolic links) by default.</para>
+
+ <para>Default: <command moreinfo="none">follow symlinks = yes</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/fstype.xml b/docs/docbook/smbdotconf/misc/fstype.xml
new file mode 100644
index 0000000000..4b9c67b202
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/fstype.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="fstype"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter allows the administrator to
+ configure the string that specifies the type of filesystem a share
+ is using that is reported by <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> when a client queries the filesystem type
+ for a share. The default type is <constant>NTFS</constant> for
+ compatibility with Windows NT but this can be changed to other
+ strings such as <constant>Samba</constant> or <constant>FAT
+ </constant> if required.</para>
+
+ <para>Default: <command moreinfo="none">fstype = NTFS</command></para>
+
+ <para>Example: <command moreinfo="none">fstype = Samba</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/hidelocalusers.xml b/docs/docbook/smbdotconf/misc/hidelocalusers.xml
new file mode 100644
index 0000000000..18a1c817c1
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/hidelocalusers.xml
@@ -0,0 +1,11 @@
+<samba:parameter name="hide local users"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter toggles the hiding of local UNIX
+ users (root, wheel, floppy, etc) from remote clients.</para>
+
+ <para>Default: <command moreinfo="none">hide local users = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/homedirmap.xml b/docs/docbook/smbdotconf/misc/homedirmap.xml
new file mode 100644
index 0000000000..d4f09c7f50
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/homedirmap.xml
@@ -0,0 +1,32 @@
+<samba:parameter name="homedir map"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>If<link linkend="NISHOMEDIR"><parameter moreinfo="none">nis homedir
+ </parameter></link> is <constant>yes</constant>, and <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> is also acting
+ as a Win95/98 <parameter moreinfo="none">logon server</parameter> then this parameter
+ specifies the NIS (or YP) map from which the server for the user's
+ home directory should be extracted. At present, only the Sun
+ auto.home map format is understood. The form of the map is:</para>
+
+ <para><command moreinfo="none">username server:/some/file/system</command></para>
+
+ <para>and the program will extract the servername from before
+ the first ':'. There should probably be a better parsing system
+ that copes with different map formats and also Amd (another
+ automounter) maps.</para>
+
+ <note><para>A working NIS client is required on
+ the system for this option to work.</para></note>
+
+ <para>See also <link linkend="NISHOMEDIR"><parameter moreinfo="none">nis homedir</parameter>
+ </link>, <link linkend="DOMAINLOGONS"><parameter moreinfo="none">domain logons</parameter>
+ </link>.</para>
+
+ <para>Default: <command moreinfo="none">homedir map = &lt;empty string&gt;</command></para>
+
+ <para>Example: <command moreinfo="none">homedir map = amd.homedir</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/include.xml b/docs/docbook/smbdotconf/misc/include.xml
new file mode 100644
index 0000000000..dcc32968e7
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/include.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="include"
+ context="G"
+ hide="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This allows you to include one config file
+ inside another. The file is included literally, as though typed
+ in place.</para>
+
+ <para>It takes the standard substitutions, except <parameter moreinfo="none">%u
+ </parameter>, <parameter moreinfo="none">%P</parameter> and <parameter moreinfo="none">%S</parameter>.
+ </para>
+
+ <para>Default: <emphasis>no file included</emphasis></para>
+
+ <para>Example: <command moreinfo="none">include = /usr/local/samba/lib/admin_smb.conf</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/lockdir.xml b/docs/docbook/smbdotconf/misc/lockdir.xml
new file mode 100644
index 0000000000..4e5f6bce85
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/lockdir.xml
@@ -0,0 +1,9 @@
+<samba:parameter name="lock dir"
+ context="G"
+ hide="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Synonym for <link linkend="LOCKDIRECTORY"><parameter moreinfo="none">
+ lock directory</parameter></link>.
+</para></listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/lockdirectory.xml b/docs/docbook/smbdotconf/misc/lockdirectory.xml
new file mode 100644
index 0000000000..c877566b31
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/lockdirectory.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="lock directory"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option specifies the directory where lock
+ files will be placed. The lock files are used to implement the
+ <link linkend="MAXCONNECTIONS"><parameter moreinfo="none">max connections</parameter>
+ </link> option.</para>
+
+ <para>Default: <command moreinfo="none">lock directory = ${prefix}/var/locks</command></para>
+
+ <para>Example: <command moreinfo="none">lock directory = /var/run/samba/locks</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/magicoutput.xml b/docs/docbook/smbdotconf/misc/magicoutput.xml
new file mode 100644
index 0000000000..c321f12b99
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/magicoutput.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="magic output"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter specifies the name of a file
+ which will contain output created by a magic script (see the
+ <link linkend="MAGICSCRIPT"><parameter moreinfo="none">magic script</parameter></link>
+ parameter below).</para>
+
+ <para>Warning: If two clients use the same <parameter moreinfo="none">magic script
+ </parameter> in the same directory the output file content
+ is undefined.</para>
+
+ <para>Default: <command moreinfo="none">magic output = &lt;magic script name&gt;.out</command></para>
+
+ <para>Example: <command moreinfo="none">magic output = myfile.txt</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/magicscript.xml b/docs/docbook/smbdotconf/misc/magicscript.xml
new file mode 100644
index 0000000000..67f39d918e
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/magicscript.xml
@@ -0,0 +1,31 @@
+<samba:parameter name="magic script"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter specifies the name of a file which,
+ if opened, will be executed by the server when the file is closed.
+ This allows a UNIX script to be sent to the Samba host and
+ executed on behalf of the connected user.</para>
+
+ <para>Scripts executed in this way will be deleted upon
+ completion assuming that the user has the appropriate level
+ of privilege and the file permissions allow the deletion.</para>
+
+ <para>If the script generates output, output will be sent to
+ the file specified by the <link linkend="MAGICOUTPUT"><parameter moreinfo="none">
+ magic output</parameter></link> parameter (see above).</para>
+
+ <para>Note that some shells are unable to interpret scripts
+ containing CR/LF instead of CR as
+ the end-of-line marker. Magic scripts must be executable
+ <emphasis>as is</emphasis> on the host, which for some hosts and
+ some shells will require filtering at the DOS end.</para>
+
+ <para>Magic scripts are <emphasis>EXPERIMENTAL</emphasis> and
+ should <emphasis>NOT</emphasis> be relied upon.</para>
+
+ <para>Default: <emphasis>None. Magic scripts disabled.</emphasis></para>
+
+ <para>Example: <command moreinfo="none">magic script = user.csh</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/messagecommand.xml b/docs/docbook/smbdotconf/misc/messagecommand.xml
new file mode 100644
index 0000000000..6df2a02bb7
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/messagecommand.xml
@@ -0,0 +1,73 @@
+<samba:parameter name="message command"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This specifies what command to run when the
+ server receives a WinPopup style message.</para>
+
+ <para>This would normally be a command that would
+ deliver the message somehow. How this is to be done is
+ up to your imagination.</para>
+
+ <para>An example is:</para>
+
+ <para><command moreinfo="none">message command = csh -c 'xedit %s;rm %s' &amp;</command>
+ </para>
+
+ <para>This delivers the message using <command moreinfo="none">xedit</command>, then
+ removes it afterwards. <emphasis>NOTE THAT IT IS VERY IMPORTANT
+ THAT THIS COMMAND RETURN IMMEDIATELY</emphasis>. That's why I
+ have the '&amp;' on the end. If it doesn't return immediately then
+ your PCs may freeze when sending messages (they should recover
+ after 30 seconds, hopefully).</para>
+
+ <para>All messages are delivered as the global guest user.
+ The command takes the standard substitutions, although <parameter moreinfo="none">
+ %u</parameter> won't work (<parameter moreinfo="none">%U</parameter> may be better
+ in this case).</para>
+
+ <para>Apart from the standard substitutions, some additional
+ ones apply. In particular:</para>
+
+ <itemizedlist>
+ <listitem>
+ <para><parameter moreinfo="none">%s</parameter> = the filename containing
+ the message.</para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">%t</parameter> = the destination that
+ the message was sent to (probably the server name).</para>
+ </listitem>
+
+ <listitem>
+ <para><parameter moreinfo="none">%f</parameter> = who the message
+ is from.</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>You could make this command send mail, or whatever else
+ takes your fancy. Please let us know of any really interesting
+ ideas you have.</para>
+
+ <para>Here's a way of sending the messages as mail to root:</para>
+
+ <para><command moreinfo="none">message command = /bin/mail -s 'message from %f on
+ %m' root &lt; %s; rm %s</command></para>
+
+ <para>If you don't have a message command then the message
+ won't be delivered and Samba will tell the sender there was
+ an error. Unfortunately WfWg totally ignores the error code
+ and carries on regardless, saying that the message was delivered.
+ </para>
+
+ <para>If you want to silently delete it then try:</para>
+
+ <para><command moreinfo="none">message command = rm %s</command></para>
+
+ <para>Default: <emphasis>no message command</emphasis></para>
+
+ <para>Example: <command moreinfo="none">message command = csh -c 'xedit %s; rm %s' &amp;</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/nishomedir.xml b/docs/docbook/smbdotconf/misc/nishomedir.xml
new file mode 100644
index 0000000000..734dcf8de5
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/nishomedir.xml
@@ -0,0 +1,33 @@
+<samba:parameter name="nis homedir"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>Get the home share server from a NIS map. For
+ UNIX systems that use an automounter, the user's home directory
+ will often be mounted on a workstation on demand from a remote
+ server. </para>
+
+ <para>When the Samba logon server is not the actual home directory
+ server, but is mounting the home directories via NFS then two
+ network hops would be required to access the users home directory
+ if the logon server told the client to use itself as the SMB server
+ for home directories (one over SMB and one over NFS). This can
+ be very slow.</para>
+
+ <para>This option allows Samba to return the home share as
+ being on a different server to the logon server and as
+ long as a Samba daemon is running on the home directory server,
+ it will be mounted on the Samba client directly from the directory
+ server. When Samba is returning the home share to the client, it
+ will consult the NIS map specified in <link linkend="HOMEDIRMAP">
+ <parameter moreinfo="none">homedir map</parameter></link> and return the server
+ listed there.</para>
+
+ <para>Note that for this option to work there must be a working
+ NIS system and the Samba server with this option must also
+ be a logon server.</para>
+
+ <para>Default: <command moreinfo="none">nis homedir = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/panicaction.xml b/docs/docbook/smbdotconf/misc/panicaction.xml
new file mode 100644
index 0000000000..04b7aab8c8
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/panicaction.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="panic action"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is a Samba developer option that allows a
+ system command to be called when either <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> or <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> crashes. This is usually used to
+ draw attention to the fact that a problem occurred.</para>
+
+ <para>Default: <command moreinfo="none">panic action = &lt;empty string&gt;</command></para>
+
+ <para>Example: <command moreinfo="none">panic action = &quot;/bin/sleep 90000&quot;</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/piddirectory.xml b/docs/docbook/smbdotconf/misc/piddirectory.xml
new file mode 100644
index 0000000000..b526a80221
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/piddirectory.xml
@@ -0,0 +1,13 @@
+<samba:parameter name="pid directory"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option specifies the directory where pid
+ files will be placed. </para>
+
+ <para>Default: <command moreinfo="none">pid directory = ${prefix}/var/locks</command></para>
+
+ <para>Example: <command moreinfo="none">pid directory = /var/run/</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/postexec.xml b/docs/docbook/smbdotconf/misc/postexec.xml
new file mode 100644
index 0000000000..a6b65515ad
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/postexec.xml
@@ -0,0 +1,22 @@
+<samba:parameter name="postexec"
+ context="S"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option specifies a command to be run
+ whenever the service is disconnected. It takes the usual
+ substitutions. The command may be run as the root on some
+ systems.</para>
+
+ <para>An interesting example may be to unmount server
+ resources:</para>
+
+ <para><command moreinfo="none">postexec = /etc/umount /cdrom</command></para>
+
+ <para>See also <link linkend="PREEXEC"><parameter moreinfo="none">preexec</parameter></link>.</para>
+
+ <para>Default: <emphasis>none (no command executed)</emphasis></para>
+
+ <para>Example: <command moreinfo="none">postexec = echo \&quot;%u disconnected from %S from %m (%I)\&quot; &gt;&gt; /tmp/log</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/preexec.xml b/docs/docbook/smbdotconf/misc/preexec.xml
new file mode 100644
index 0000000000..49c73d9491
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/preexec.xml
@@ -0,0 +1,25 @@
+<samba:parameter name="preexec"
+ context="S"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option specifies a command to be run whenever
+ the service is connected to. It takes the usual substitutions.</para>
+
+ <para>An interesting example is to send the users a welcome
+ message every time they log in. Maybe a message of the day? Here
+ is an example:</para>
+
+ <para><command moreinfo="none">preexec = csh -c 'echo \&quot;Welcome to %S!\&quot; | /usr/local/samba/bin/smbclient -M %m -I %I' &amp; </command></para>
+
+ <para>Of course, this could get annoying after a while :-)</para>
+
+ <para>See also <link linkend="PREEXECCLOSE"><parameter moreinfo="none">preexec close</parameter></link> and <link
+ linkend="POSTEXEC"><parameter moreinfo="none">postexec
+ </parameter></link>.</para>
+
+ <para>Default: <emphasis>none (no command executed)</emphasis></para>
+
+ <para>Example: <command moreinfo="none">preexec = echo \&quot;%u connected to %S from %m (%I)\&quot; &gt;&gt; /tmp/log</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/preexecclose.xml b/docs/docbook/smbdotconf/misc/preexecclose.xml
new file mode 100644
index 0000000000..346d21dbd8
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/preexecclose.xml
@@ -0,0 +1,12 @@
+<samba:parameter name="preexec close"
+ context="S"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This boolean option controls whether a non-zero
+ return code from <link linkend="PREEXEC"><parameter moreinfo="none">preexec
+ </parameter></link> should close the service being connected to.</para>
+
+ <para>Default: <command moreinfo="none">preexec close = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/preload.xml b/docs/docbook/smbdotconf/misc/preload.xml
new file mode 100644
index 0000000000..96b59e3a43
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/preload.xml
@@ -0,0 +1,19 @@
+<samba:parameter name="preload"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is a list of services that you want to be
+ automatically added to the browse lists. This is most useful
+ for homes and printers services that would otherwise not be
+ visible.</para>
+
+ <para>Note that if you just want all printers in your
+ printcap file loaded then the <link linkend="LOADPRINTERS">
+ <parameter moreinfo="none">load printers</parameter></link> option is easier.</para>
+
+ <para>Default: <emphasis>no preloaded services</emphasis></para>
+
+ <para>Example: <command moreinfo="none">preload = fred lp colorlp</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/remoteannounce.xml b/docs/docbook/smbdotconf/misc/remoteannounce.xml
new file mode 100644
index 0000000000..019cc306a7
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/remoteannounce.xml
@@ -0,0 +1,35 @@
+<samba:parameter name="remote announce"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>to periodically announce itself
+ to arbitrary IP addresses with an arbitrary workgroup name.</para>
+
+ <para>This is useful if you want your Samba server to appear
+ in a remote workgroup for which the normal browse propagation
+ rules don't work. The remote workgroup can be anywhere that you
+ can send IP packets to.</para>
+
+ <para>For example:</para>
+
+ <para><command moreinfo="none">remote announce = 192.168.2.255/SERVERS
+ 192.168.4.255/STAFF</command></para>
+
+ <para>the above line would cause <command moreinfo="none">nmbd</command> to announce itself
+ to the two given IP addresses using the given workgroup names.
+ If you leave out the workgroup name then the one given in
+ the <link linkend="WORKGROUP"><parameter moreinfo="none">workgroup</parameter></link>
+ parameter is used instead.</para>
+
+ <para>The IP addresses you choose would normally be the broadcast
+ addresses of the remote networks, but can also be the IP addresses
+ of known browse masters if your network config is that stable.</para>
+
+ <para>See the documentation file <ulink url="improved-browsing.html">BROWSING</ulink>
+ in the <filename moreinfo="none">docs/</filename> directory.</para>
+
+ <para>Default: <command moreinfo="none">remote announce = &lt;empty string&gt;</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/remotebrowsesync.xml b/docs/docbook/smbdotconf/misc/remotebrowsesync.xml
new file mode 100644
index 0000000000..06069581e6
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/remotebrowsesync.xml
@@ -0,0 +1,35 @@
+<samba:parameter name="remote browse sync"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> to periodically request
+ synchronization of browse lists with the master browser of a Samba
+ server that is on a remote segment. This option will allow you to
+ gain browse lists for multiple workgroups across routed networks. This
+ is done in a manner that does not work with any non-Samba servers.</para>
+
+ <para>This is useful if you want your Samba server and all local
+ clients to appear in a remote workgroup for which the normal browse
+ propagation rules don't work. The remote workgroup can be anywhere
+ that you can send IP packets to.</para>
+
+ <para>For example:</para>
+
+ <para><command moreinfo="none">remote browse sync = 192.168.2.255 192.168.4.255</command></para>
+
+ <para>the above line would cause <command moreinfo="none">nmbd</command> to request
+ the master browser on the specified subnets or addresses to
+ synchronize their browse lists with the local server.</para>
+
+ <para>The IP addresses you choose would normally be the broadcast
+ addresses of the remote networks, but can also be the IP addresses
+ of known browse masters if your network config is that stable. If
+ a machine IP address is given Samba makes NO attempt to validate
+ that the remote machine is available, is listening, nor that it
+ is in fact the browse master on its segment.</para>
+
+ <para>Default: <command moreinfo="none">remote browse sync = &lt;empty string&gt;</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/rootpostexec.xml b/docs/docbook/smbdotconf/misc/rootpostexec.xml
new file mode 100644
index 0000000000..baed004327
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/rootpostexec.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="root postexec"
+ context="S"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is the same as the <parameter moreinfo="none">postexec</parameter>
+ parameter except that the command is run as root. This
+ is useful for unmounting filesystems
+ (such as CDROMs) after a connection is closed.</para>
+
+ <para>See also <link linkend="POSTEXEC"><parameter moreinfo="none">
+ postexec</parameter></link>.</para>
+
+ <para>Default: <command moreinfo="none">root postexec = &lt;empty string&gt;</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/rootpreexec.xml b/docs/docbook/smbdotconf/misc/rootpreexec.xml
new file mode 100644
index 0000000000..4939d1ee48
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/rootpreexec.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="root preexec"
+ context="S"
+ advanced="1" wizard="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is the same as the <parameter moreinfo="none">preexec</parameter>
+ parameter except that the command is run as root. This
+ is useful for mounting filesystems (such as CDROMs) when a
+ connection is opened.</para>
+
+ <para>See also <link linkend="PREEXEC"><parameter moreinfo="none">
+ preexec</parameter></link> and <link linkend="PREEXECCLOSE">
+ <parameter moreinfo="none">preexec close</parameter></link>.</para>
+
+ <para>Default: <command moreinfo="none">root preexec = &lt;empty string&gt;</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/rootpreexecclose.xml b/docs/docbook/smbdotconf/misc/rootpreexecclose.xml
new file mode 100644
index 0000000000..b333cffe90
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/rootpreexecclose.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="root preexec close"
+ context="S"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is the same as the <parameter moreinfo="none">preexec close
+ </parameter> parameter except that the command is run as root.</para>
+
+ <para>See also <link linkend="PREEXEC"><parameter moreinfo="none">
+ preexec</parameter></link> and <link linkend="PREEXECCLOSE">
+ <parameter moreinfo="none">preexec close</parameter></link>.</para>
+
+ <para>Default: <command moreinfo="none">root preexec close = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/setdirectory.xml b/docs/docbook/smbdotconf/misc/setdirectory.xml
new file mode 100644
index 0000000000..b4ff72d4d0
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/setdirectory.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="set directory"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>If <command moreinfo="none">set directory = no</command>, then
+ users of the service may not use the setdir command to change
+ directory.</para>
+
+ <para>The <command moreinfo="none">setdir</command> command is only implemented
+ in the Digital Pathworks client. See the Pathworks documentation
+ for details.</para>
+
+ <para>Default: <command moreinfo="none">set directory = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/socketaddress.xml b/docs/docbook/smbdotconf/misc/socketaddress.xml
new file mode 100644
index 0000000000..4d2299acda
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/socketaddress.xml
@@ -0,0 +1,16 @@
+<samba:parameter name="socket address"
+ context="G"
+ developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option allows you to control what
+ address Samba will listen for connections on. This is used to
+ support multiple virtual interfaces on the one server, each
+ with a different configuration.</para>
+
+ <para>By default Samba will accept connections on any
+ address.</para>
+
+ <para>Example: <command moreinfo="none">socket address = 192.168.2.20</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/sourceenvironment.xml b/docs/docbook/smbdotconf/misc/sourceenvironment.xml
new file mode 100644
index 0000000000..c6b4ce368f
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/sourceenvironment.xml
@@ -0,0 +1,27 @@
+<samba:parameter name="source environment"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter causes Samba to set environment
+ variables as per the content of the file named.</para>
+
+ <para>If the value of this parameter starts with a &quot;|&quot; character
+ then Samba will treat that value as a pipe command to open and
+ will set the environment variables from the output of the pipe.</para>
+
+ <para>The contents of the file or the output of the pipe should
+ be formatted as the output of the standard Unix <command moreinfo="none">env(1)</command> command. This is of the form:</para>
+
+ <para>Example environment entry:</para>
+
+ <para><command moreinfo="none">SAMBA_NETBIOS_NAME = myhostname</command></para>
+
+ <para>Default: <emphasis>No default value</emphasis></para>
+
+ <para>Examples: <command moreinfo="none">source environment = |/etc/smb.conf.sh</command></para>
+
+ <para>Example: <command moreinfo="none">source environment =
+ /usr/local/smb_env_vars</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/timeoffset.xml b/docs/docbook/smbdotconf/misc/timeoffset.xml
new file mode 100644
index 0000000000..4cd12b6d36
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/timeoffset.xml
@@ -0,0 +1,15 @@
+<samba:parameter name="time offset"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter is a setting in minutes to add
+ to the normal GMT to local time conversion. This is useful if
+ you are serving a lot of PCs that have incorrect daylight
+ saving time handling.</para>
+
+ <para>Default: <command moreinfo="none">time offset = 0</command></para>
+
+ <para>Example: <command moreinfo="none">time offset = 60</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/utmp.xml b/docs/docbook/smbdotconf/misc/utmp.xml
new file mode 100644
index 0000000000..3dfa7caa5d
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/utmp.xml
@@ -0,0 +1,24 @@
+<samba:parameter name="utmp"
+ context="G"
+ developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This boolean parameter is only available if
+ Samba has been configured and compiled with the option <command moreinfo="none">
+ --with-utmp</command>. If set to <constant>yes</constant> then Samba will attempt
+ to add utmp or utmpx records (depending on the UNIX system) whenever a
+ connection is made to a Samba server. Sites may use this to record the
+ user connecting to a Samba share.</para>
+
+ <para>Due to the requirements of the utmp record, we
+ are required to create a unique identifier for the
+ incoming user. Enabling this option creates an n^2
+ algorithm to find this number. This may impede
+ performance on large installations. </para>
+
+ <para>See also the <link linkend="UTMPDIRECTORY"><parameter moreinfo="none">
+ utmp directory</parameter></link> parameter.</para>
+
+ <para>Default: <command moreinfo="none">utmp = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/utmpdirectory.xml b/docs/docbook/smbdotconf/misc/utmpdirectory.xml
new file mode 100644
index 0000000000..3b50c3db29
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/utmpdirectory.xml
@@ -0,0 +1,20 @@
+<samba:parameter name="utmp directory"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter is only available if Samba has
+ been configured and compiled with the option <command moreinfo="none">
+ --with-utmp</command>. It specifies a directory pathname that is
+ used to store the utmp or utmpx files (depending on the UNIX system) that
+ record user connections to a Samba server. See also the <link linkend="UTMP">
+ <parameter moreinfo="none">utmp</parameter></link> parameter. By default this is
+ not set, meaning the system will use whatever utmp file the
+ native system is set to use (usually
+ <filename moreinfo="none">/var/run/utmp</filename> on Linux).</para>
+
+ <para>Default: <emphasis>no utmp directory</emphasis></para>
+
+ <para>Example: <command moreinfo="none">utmp directory = /var/run/utmp</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/volume.xml b/docs/docbook/smbdotconf/misc/volume.xml
new file mode 100644
index 0000000000..0ab5edb522
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/volume.xml
@@ -0,0 +1,11 @@
+<samba:parameter name="volume"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+ <listitem>
+ <para> This allows you to override the volume label
+ returned for a share. Useful for CDROMs with installation programs
+ that insist on a particular volume label.</para>
+
+ <para>Default: <emphasis>the name of the share</emphasis></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/widelinks.xml b/docs/docbook/smbdotconf/misc/widelinks.xml
new file mode 100644
index 0000000000..ead3569fd9
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/widelinks.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="wide links"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+ <listitem>
+ <para>This parameter controls whether or not links
+ in the UNIX file system may be followed by the server. Links
+ that point to areas within the directory tree exported by the
+ server are always allowed; this parameter controls access only
+ to areas that are outside the directory tree being exported.</para>
+
+ <para>Note that setting this parameter can have a negative
+ effect on your server performance due to the extra system calls
+ that Samba has to do in order to perform the link checks.</para>
+
+ <para>Default: <command moreinfo="none">wide links = yes</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/misc/wtmpdirectory.xml b/docs/docbook/smbdotconf/misc/wtmpdirectory.xml
new file mode 100644
index 0000000000..2448edfadb
--- /dev/null
+++ b/docs/docbook/smbdotconf/misc/wtmpdirectory.xml
@@ -0,0 +1,24 @@
+<samba:parameter name="wtmp directory"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter is only available if Samba has
+ been configured and compiled with the option <command moreinfo="none">
+ --with-utmp</command>. It specifies a directory pathname that is
+ used to store the wtmp or wtmpx files (depending on the UNIX system) that
+ record user connections to a Samba server. The difference with
+ the utmp directory is the fact that user info is kept after a user
+ has logged out.</para>
+
+ <para>See also the <link linkend="UTMP">
+ <parameter moreinfo="none">utmp</parameter></link> parameter. By default this is
+ not set, meaning the system will use whatever utmp file the
+ native system is set to use (usually
+ <filename moreinfo="none">/var/run/wtmp</filename> on Linux).</para>
+
+ <para>Default: <emphasis>no wtmp directory</emphasis></para>
+
+ <para>Example: <command moreinfo="none">wtmp directory = /var/log/wtmp</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/printing/lpqcachetime.xml b/docs/docbook/smbdotconf/printing/lpqcachetime.xml
new file mode 100644
index 0000000000..df48a5fd01
--- /dev/null
+++ b/docs/docbook/smbdotconf/printing/lpqcachetime.xml
@@ -0,0 +1,29 @@
+<samba:parameter name="lpq cache time"
+ context="G"
+ developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This controls how long lpq info will be cached
+ for to prevent the <command moreinfo="none">lpq</command> command being called too
+ often. A separate cache is kept for each variation of the <command moreinfo="none">
+ lpq</command> command used by the system, so if you use different
+ <command moreinfo="none">lpq</command> commands for different users then they won't
+ share cache information.</para>
+
+ <para>The cache files are stored in <filename moreinfo="none">/tmp/lpq.xxxx</filename>
+ where xxxx is a hash of the <command moreinfo="none">lpq</command> command in use.</para>
+
+ <para>The default is 10 seconds, meaning that the cached results
+ of a previous identical <command moreinfo="none">lpq</command> command will be used
+ if the cached data is less than 10 seconds old. A large value may
+ be advisable if your <command moreinfo="none">lpq</command> command is very slow.</para>
+
+ <para>A value of 0 will disable caching completely.</para>
+
+ <para>See also the <link linkend="PRINTING"><parameter moreinfo="none">printing</parameter></link> parameter.</para>
+
+ <para>Default: <command moreinfo="none">lpq cache time = 10</command></para>
+
+ <para>Example: <command moreinfo="none">lpq cache time = 30</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/printing/printcapname.xml b/docs/docbook/smbdotconf/printing/printcapname.xml
new file mode 100644
index 0000000000..e7aa9e938d
--- /dev/null
+++ b/docs/docbook/smbdotconf/printing/printcapname.xml
@@ -0,0 +1,52 @@
+<samba:parameter name="printcap name"
+ context="S"
+ print="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter may be used to override the
+ compiled-in default printcap name used by the server (usually <filename moreinfo="none">
+ /etc/printcap</filename>). See the discussion of the <link
+ linkend="PRINTERSSECT">[printers]</link> section above for reasons
+ why you might want to do this.</para>
+
+ <para>To use the CUPS printing interface set <command moreinfo="none">printcap name = cups
+ </command>. This should be supplemented by an addtional setting
+ <link linkend="PRINTING">printing = cups</link> in the [global]
+ section. <command moreinfo="none">printcap name = cups</command> will use the
+ &quot;dummy&quot; printcap created by CUPS, as specified in your CUPS
+ configuration file.
+ </para>
+
+ <para>On System V systems that use <command moreinfo="none">lpstat</command> to
+ list available printers you can use <command moreinfo="none">printcap name = lpstat
+ </command> to automatically obtain lists of available printers. This
+ is the default for systems that define SYSV at configure time in
+ Samba (this includes most System V based systems). If <parameter moreinfo="none">
+ printcap name</parameter> is set to <command moreinfo="none">lpstat</command> on
+ these systems then Samba will launch <command moreinfo="none">lpstat -v</command> and
+ attempt to parse the output to obtain a printer list.</para>
+
+ <para>A minimal printcap file would look something like this:</para>
+
+<para><programlisting format="linespecific">
+print1|My Printer 1
+print2|My Printer 2
+print3|My Printer 3
+print4|My Printer 4
+print5|My Printer 5
+</programlisting></para>
+
+ <para>where the '|' separates aliases of a printer. The fact
+ that the second alias has a space in it gives a hint to Samba
+ that it's a comment.</para>
+
+ <note><para>Under AIX the default printcap
+ name is <filename moreinfo="none">/etc/qconfig</filename>. Samba will assume the
+ file is in AIX <filename moreinfo="none">qconfig</filename> format if the string
+ <filename moreinfo="none">qconfig</filename> appears in the printcap filename.</para></note>
+
+ <para>Default: <command moreinfo="none">printcap name = /etc/printcap</command></para>
+
+ <para>Example: <command moreinfo="none">printcap name = /etc/myprintcap</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/printing/useclientdriver.xml b/docs/docbook/smbdotconf/printing/useclientdriver.xml
new file mode 100644
index 0000000000..67c8cbf8d0
--- /dev/null
+++ b/docs/docbook/smbdotconf/printing/useclientdriver.xml
@@ -0,0 +1,40 @@
+<samba:parameter name="use client driver"
+ context="S"
+ print="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This parameter applies only to Windows NT/2000
+ clients. It has no affect on Windows 95/98/ME clients. When
+ serving a printer to Windows NT/2000 clients without first installing
+ a valid printer driver on the Samba host, the client will be required
+ to install a local printer driver. From this point on, the client
+ will treat the print as a local printer and not a network printer
+ connection. This is much the same behavior that will occur
+ when <command moreinfo="none">disable spoolss = yes</command>.
+ </para>
+
+ <para>The differentiating factor is that under normal
+ circumstances, the NT/2000 client will attempt to open the network
+ printer using MS-RPC. The problem is that because the client
+ considers the printer to be local, it will attempt to issue the
+ OpenPrinterEx() call requesting access rights associated with the
+ logged on user. If the user possesses local administator rights but
+ not root privilegde on the Samba host (often the case), the
+ OpenPrinterEx() call will fail. The result is that the client will
+ now display an &quot;Access Denied; Unable to connect&quot; message
+ in the printer queue window (even though jobs may successfully be
+ printed). </para>
+
+ <para>If this parameter is enabled for a printer, then any attempt
+ to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped
+ to PRINTER_ACCESS_USE instead. Thus allowing the OpenPrinterEx()
+ call to succeed. <emphasis>This parameter MUST not be able enabled
+ on a print share which has valid print driver installed on the Samba
+ server.</emphasis></para>
+
+ <para>See also <link linkend="DISABLESPOOLSS"><parameter
+ moreinfo="none">disable spoolss</parameter></link></para>
+
+ <para>Default: <command moreinfo="none">use client driver = no</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/security/createmask.xml b/docs/docbook/smbdotconf/security/createmask.xml
new file mode 100644
index 0000000000..4a581d3a19
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/createmask.xml
@@ -0,0 +1,45 @@
+<samba:parameter name="create mask"
+ context="S"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>A synonym for this parameter is
+ <link linkend="CREATEMODE"><parameter moreinfo="none">create mode</parameter>
+ </link>.</para>
+
+ <para>When a file is created, the necessary permissions are
+ calculated according to the mapping from DOS modes to UNIX
+ permissions, and the resulting UNIX mode is then bit-wise 'AND'ed
+ with this parameter. This parameter may be thought of as a bit-wise
+ MASK for the UNIX modes of a file. Any bit <emphasis>not</emphasis>
+ set here will be removed from the modes set on a file when it is
+ created.</para>
+
+ <para>The default value of this parameter removes the
+ 'group' and 'other' write and execute bits from the UNIX modes.</para>
+
+ <para>Following this Samba will bit-wise 'OR' the UNIX mode created
+ from this parameter with the value of the <link linkend="FORCECREATEMODE">
+ <parameter moreinfo="none">force create mode</parameter></link>
+ parameter which is set to 000 by default.</para>
+
+ <para>This parameter does not affect directory modes. See the
+ parameter <link linkend="DIRECTORYMODE"><parameter moreinfo="none">directory mode
+ </parameter></link> for details.</para>
+
+ <para>See also the <link linkend="FORCECREATEMODE"><parameter moreinfo="none">force
+ create mode</parameter></link> parameter for forcing particular mode
+ bits to be set on created files. See also the <link linkend="DIRECTORYMODE">
+ <parameter moreinfo="none">directory mode</parameter></link> parameter for masking
+ mode bits on created directories. See also the <link linkend="INHERITPERMISSIONS">
+ <parameter moreinfo="none">inherit permissions</parameter></link> parameter.</para>
+
+ <para>Note that this parameter does not apply to permissions
+ set by Windows NT/2000 ACL editors. If the administrator wishes to enforce
+ a mask on access control lists also, they need to set the <link linkend="SECURITYMASK">
+ <parameter moreinfo="none">security mask</parameter></link>.</para>
+
+ <para>Default: <command moreinfo="none">create mask = 0744</command></para>
+
+ <para>Example: <command moreinfo="none">create mask = 0775</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/security/minpasswordlength.xml b/docs/docbook/smbdotconf/security/minpasswordlength.xml
new file mode 100644
index 0000000000..6f73d9b52f
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/minpasswordlength.xml
@@ -0,0 +1,17 @@
+<samba:parameter name="min password length"
+ context="G"
+ advanced="1" developer="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This option sets the minimum length in characters of a
+ plaintext password that <command moreinfo="none">smbd</command> will
+ accept when performing UNIX password changing.</para>
+
+ <para>See also <link linkend="UNIXPASSWORDSYNC"><parameter moreinfo="none">unix
+ password sync</parameter></link>, <link linkend="PASSWDPROGRAM">
+ <parameter moreinfo="none">passwd program</parameter></link> and <link linkend="PASSWDCHATDEBUG">
+ <parameter moreinfo="none">passwd chat debug</parameter></link>.</para>
+
+ <para>Default: <command moreinfo="none">min password length = 5</command></para>
+</listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/security/preloadmodules.xml b/docs/docbook/smbdotconf/security/preloadmodules.xml
new file mode 100644
index 0000000000..7b4e57cff1
--- /dev/null
+++ b/docs/docbook/smbdotconf/security/preloadmodules.xml
@@ -0,0 +1,18 @@
+<samba:parameter name="preload modules"
+ context="G"
+ basic="1"
+ xmlns:samba="http://samba.org/common">
+<listitem>
+ <para>This is a list of paths to modules that should
+ be loaded into smbd before a client connects. This improves
+ the speed of smbd when reacting to new connections somewhat. </para>
+
+ <para>It is recommended to only use this option on heavy-performance
+ servers.</para>
+
+ <para>Default: <command>preload modules = </command></para>
+
+ <para>Example: <command>preload modules = /usr/lib/samba/passdb/mysql.so+++ </command></para>
+
+ </listitem>
+</samba:parameter>
diff --git a/docs/docbook/smbdotconf/smb.conf.5.xml b/docs/docbook/smbdotconf/smb.conf.5.xml
new file mode 100644
index 0000000000..2a5d190f69
--- /dev/null
+++ b/docs/docbook/smbdotconf/smb.conf.5.xml
@@ -0,0 +1,685 @@
+<?xml version="1.0" encoding="iso8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
+
+<!ENTITY % globalentities SYSTEM './../global.ent'> %globalentities;
+]>
+<refentry id="smb.conf.5">
+
+<refmeta>
+ <refentrytitle>smb.conf</refentrytitle>
+ <manvolnum>5</manvolnum>
+</refmeta>
+
+
+<refnamediv>
+ <refname>smb.conf</refname>
+ <refpurpose>The configuration file for the Samba suite</refpurpose>
+</refnamediv>
+
+<refsect1>
+ <title>SYNOPSIS</title>
+
+ <para>The <filename moreinfo="none">smb.conf</filename> file is a configuration
+ file for the Samba suite. <filename moreinfo="none">smb.conf</filename> contains
+ runtime configuration information for the Samba programs. The <filename moreinfo="none">smb.conf</filename> file
+ is designed to be configured and administered by the <citerefentry><refentrytitle>swat</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> program. The complete
+ description of the file format and possible parameters held within
+ are here for reference purposes.</para> </refsect1>
+
+<refsect1 id="FILEFORMATSECT">
+ <title>FILE FORMAT</title>
+
+ <para>The file consists of sections and parameters. A section
+ begins with the name of the section in square brackets and continues
+ until the next section begins. Sections contain parameters of the
+ form</para>
+
+ <para><replaceable>name</replaceable> = <replaceable>value
+ </replaceable></para>
+
+ <para>The file is line-based - that is, each newline-terminated
+ line represents either a comment, a section name or a parameter.</para>
+
+ <para>Section and parameter names are not case sensitive.</para>
+
+ <para>Only the first equals sign in a parameter is significant.
+ Whitespace before or after the first equals sign is discarded.
+ Leading, trailing and internal whitespace in section and parameter
+ names is irrelevant. Leading and trailing whitespace in a parameter
+ value is discarded. Internal whitespace within a parameter value
+ is retained verbatim.</para>
+
+ <para>Any line beginning with a semicolon (';') or a hash ('#')
+ character is ignored, as are lines containing only whitespace.</para>
+
+ <para>Any line ending in a '\' is continued
+ on the next line in the customary UNIX fashion.</para>
+
+ <para>The values following the equals sign in parameters are all
+ either a string (no quotes needed) or a boolean, which may be given
+ as yes/no, 0/1 or true/false. Case is not significant in boolean
+ values, but is preserved in string values. Some items such as
+ create modes are numeric.</para>
+</refsect1>
+
+<refsect1>
+ <title>SECTION DESCRIPTIONS</title>
+
+ <para>Each section in the configuration file (except for the
+ [global] section) describes a shared resource (known
+ as a &quot;share&quot;). The section name is the name of the
+ shared resource and the parameters within the section define
+ the shares attributes.</para>
+
+ <para>There are three special sections, [global],
+ [homes] and [printers], which are
+ described under <emphasis>special sections</emphasis>. The
+ following notes apply to ordinary section descriptions.</para>
+
+ <para>A share consists of a directory to which access is being
+ given plus a description of the access rights which are granted
+ to the user of the service. Some housekeeping options are
+ also specifiable.</para>
+
+ <para>Sections are either file share services (used by the
+ client as an extension of their native file systems) or
+ printable services (used by the client to access print services
+ on the host running the server).</para>
+
+ <para>Sections may be designated <emphasis>guest</emphasis> services,
+ in which case no password is required to access them. A specified
+ UNIX <emphasis>guest account</emphasis> is used to define access
+ privileges in this case.</para>
+
+ <para>Sections other than guest services will require a password
+ to access them. The client provides the username. As older clients
+ only provide passwords and not usernames, you may specify a list
+ of usernames to check against the password using the &quot;user =&quot;
+ option in the share definition. For modern clients such as
+ Windows 95/98/ME/NT/2000, this should not be necessary.</para>
+
+ <para>Note that the access rights granted by the server are
+ masked by the access rights granted to the specified or guest
+ UNIX user by the host system. The server does not grant more
+ access than the host system grants.</para>
+
+ <para>The following sample section defines a file space share.
+ The user has write access to the path <filename moreinfo="none">/home/bar</filename>.
+ The share is accessed via the share name &quot;foo&quot;:</para>
+
+<screen format="linespecific">
+<computeroutput moreinfo="none">
+[foo]
+ path = /home/bar
+ read only = no
+</computeroutput>
+</screen>
+
+ <para>The following sample section defines a printable share.
+ The share is readonly, but printable. That is, the only write
+ access permitted is via calls to open, write to and close a
+ spool file. The <emphasis>guest ok</emphasis> parameter means
+ access will be permitted as the default guest user (specified
+ elsewhere):</para>
+
+<screen format="linespecific">
+<computeroutput moreinfo="none">
+[aprinter]
+ path = /usr/spool/public
+ read only = yes
+ printable = yes
+ guest ok = yes
+</computeroutput>
+</screen>
+</refsect1>
+
+<refsect1>
+ <title>SPECIAL SECTIONS</title>
+
+ <refsect2>
+ <title>The [global] section</title>
+
+ <para>parameters in this section apply to the server
+ as a whole, or are defaults for sections which do not
+ specifically define certain items. See the notes
+ under PARAMETERS for more information.</para>
+ </refsect2>
+
+ <refsect2 id="HOMESECT">
+ <title>The [homes] section</title>
+
+ <para>If a section called homes is included in the
+ configuration file, services connecting clients to their
+ home directories can be created on the fly by the server.</para>
+
+ <para>When the connection request is made, the existing
+ sections are scanned. If a match is found, it is used. If no
+ match is found, the requested section name is treated as a
+ user name and looked up in the local password file. If the
+ name exists and the correct password has been given, a share is
+ created by cloning the [homes] section.</para>
+
+ <para>Some modifications are then made to the newly
+ created share:</para>
+
+ <itemizedlist>
+ <listitem><para>The share name is changed from homes to
+ the located username.</para></listitem>
+
+ <listitem><para>If no path was given, the path is set to
+ the user's home directory.</para></listitem>
+ </itemizedlist>
+
+ <para>If you decide to use a <emphasis>path =</emphasis> line
+ in your [homes] section then you may find it useful
+ to use the %S macro. For example :</para>
+
+ <para><userinput moreinfo="none">path = /data/pchome/%S</userinput></para>
+
+ <para>would be useful if you have different home directories
+ for your PCs than for UNIX access.</para>
+
+ <para>This is a fast and simple way to give a large number
+ of clients access to their home directories with a minimum
+ of fuss.</para>
+
+ <para>A similar process occurs if the requested section
+ name is &quot;homes&quot;, except that the share name is not
+ changed to that of the requesting user. This method of using
+ the [homes] section works well if different users share
+ a client PC.</para>
+
+ <para>The [homes] section can specify all the parameters
+ a normal service section can specify, though some make more sense
+ than others. The following is a typical and suitable [homes]
+ section:</para>
+
+<screen format="linespecific">
+<computeroutput moreinfo="none">
+[homes]
+ read only = no
+</computeroutput>
+</screen>
+
+ <para>An important point is that if guest access is specified
+ in the [homes] section, all home directories will be
+ visible to all clients <emphasis>without a password</emphasis>.
+ In the very unlikely event that this is actually desirable, it
+ would be wise to also specify <emphasis>read only
+ access</emphasis>.</para>
+
+ <para>Note that the <emphasis>browseable</emphasis> flag for
+ auto home directories will be inherited from the global browseable
+ flag, not the [homes] browseable flag. This is useful as
+ it means setting <emphasis>browseable = no</emphasis> in
+ the [homes] section will hide the [homes] share but make
+ any auto home directories visible.</para>
+ </refsect2>
+
+ <refsect2 id="PRINTERSSECT">
+ <title>The [printers] section</title>
+
+ <para>This section works like [homes],
+ but for printers.</para>
+
+ <para>If a [printers] section occurs in the
+ configuration file, users are able to connect to any printer
+ specified in the local host's printcap file.</para>
+
+ <para>When a connection request is made, the existing sections
+ are scanned. If a match is found, it is used. If no match is found,
+ but a [homes] section exists, it is used as described
+ above. Otherwise, the requested section name is treated as a
+ printer name and the appropriate printcap file is scanned to see
+ if the requested section name is a valid printer share name. If
+ a match is found, a new printer share is created by cloning
+ the [printers] section.</para>
+
+ <para>A few modifications are then made to the newly created
+ share:</para>
+
+ <itemizedlist>
+ <listitem><para>The share name is set to the located printer
+ name</para></listitem>
+
+ <listitem><para>If no printer name was given, the printer name
+ is set to the located printer name</para></listitem>
+
+ <listitem><para>If the share does not permit guest access and
+ no username was given, the username is set to the located
+ printer name.</para></listitem>
+ </itemizedlist>
+
+ <para>Note that the [printers] service MUST be
+ printable - if you specify otherwise, the server will refuse
+ to load the configuration file.</para>
+
+ <para>Typically the path specified would be that of a
+ world-writeable spool directory with the sticky bit set on
+ it. A typical [printers] entry would look like
+ this:</para>
+
+<screen format="linespecific"><computeroutput moreinfo="none">
+[printers]
+ path = /usr/spool/public
+ guest ok = yes
+ printable = yes
+</computeroutput></screen>
+
+ <para>All aliases given for a printer in the printcap file
+ are legitimate printer names as far as the server is concerned.
+ If your printing subsystem doesn't work like that, you will have
+ to set up a pseudo-printcap. This is a file consisting of one or
+ more lines like this:</para>
+
+<screen format="linespecific">
+<computeroutput moreinfo="none">
+alias|alias|alias|alias...
+</computeroutput>
+</screen>
+
+ <para>Each alias should be an acceptable printer name for
+ your printing subsystem. In the [global] section, specify
+ the new file as your printcap. The server will then only recognize
+ names found in your pseudo-printcap, which of course can contain
+ whatever aliases you like. The same technique could be used
+ simply to limit access to a subset of your local printers.</para>
+
+ <para>An alias, by the way, is defined as any component of the
+ first entry of a printcap record. Records are separated by newlines,
+ components (if there are more than one) are separated by vertical
+ bar symbols ('|').</para>
+
+ <note><para>On SYSV systems which use lpstat to determine what
+ printers are defined on the system you may be able to use
+ &quot;printcap name = lpstat&quot; to automatically obtain a list
+ of printers. See the &quot;printcap name&quot; option
+ for more details.</para></note>
+ </refsect2>
+</refsect1>
+
+<refsect1>
+ <title>PARAMETERS</title>
+
+ <para>parameters define the specific attributes of sections.</para>
+
+ <para>Some parameters are specific to the [global] section
+ (e.g., <emphasis>security</emphasis>). Some parameters are usable
+ in all sections (e.g., <emphasis>create mode</emphasis>). All others
+ are permissible only in normal sections. For the purposes of the
+ following descriptions the [homes] and [printers]
+ sections will be considered normal. The letter <emphasis>G</emphasis>
+ in parentheses indicates that a parameter is specific to the
+ [global] section. The letter <emphasis>S</emphasis>
+ indicates that a parameter can be specified in a service specific
+ section. Note that all <emphasis>S</emphasis> parameters can also be specified in
+ the [global] section - in which case they will define
+ the default behavior for all services.</para>
+
+ <para>parameters are arranged here in alphabetical order - this may
+ not create best bedfellows, but at least you can find them! Where
+ there are synonyms, the preferred synonym is described, others refer
+ to the preferred synonym.</para>
+</refsect1>
+
+<refsect1>
+ <title>VARIABLE SUBSTITUTIONS</title>
+
+ <para>Many of the strings that are settable in the config file
+ can take substitutions. For example the option &quot;path =
+ /tmp/%u&quot; would be interpreted as &quot;path =
+ /tmp/john&quot; if the user connected with the username john.</para>
+
+ <para>These substitutions are mostly noted in the descriptions below,
+ but there are some general substitutions which apply whenever they
+ might be relevant. These are:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term>%U</term>
+ <listitem><para>session user name (the user name that the client
+ wanted, not necessarily the same as the one they got).</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%G</term>
+ <listitem><para>primary group name of %U.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%h</term>
+ <listitem><para>the Internet hostname that Samba is running
+ on.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%m</term>
+ <listitem><para>the NetBIOS name of the client machine
+ (very useful).</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%L</term>
+ <listitem><para>the NetBIOS name of the server. This allows you
+ to change your config based on what the client calls you. Your
+ server can have a &quot;dual personality&quot;.</para>
+
+ <para>Note that this parameter is not available when Samba listens
+ on port 445, as clients no longer send this information </para>
+ </listitem>
+
+ </varlistentry>
+
+ <varlistentry>
+ <term>%M</term>
+ <listitem><para>the Internet name of the client machine.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%R</term>
+ <listitem><para>the selected protocol level after
+ protocol negotiation. It can be one of CORE, COREPLUS,
+ LANMAN1, LANMAN2 or NT1.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%d</term>
+ <listitem><para>The process id of the current server
+ process.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%a</term>
+ <listitem><para>the architecture of the remote
+ machine. Only some are recognized, and those may not be
+ 100% reliable. It currently recognizes Samba, WfWg, Win95,
+ WinNT and Win2k. Anything else will be known as
+ &quot;UNKNOWN&quot;. If it gets it wrong then sending a level
+ 3 log to <ulink url="mailto:samba@samba.org">samba@samba.org
+ </ulink> should allow it to be fixed.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%I</term>
+ <listitem><para>The IP address of the client machine.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%T</term>
+ <listitem><para>the current date and time.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%D</term>
+ <listitem><para>Name of the domain or workgroup of the current user.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%$(<replaceable>envvar</replaceable>)</term>
+ <listitem><para>The value of the environment variable
+ <replaceable>envar</replaceable>.</para></listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>The following substitutes apply only to some configuration options(only those
+ that are used when a connection has been established):</para>
+
+ <variablelist>
+ <varlistentry>
+ <term>%S</term>
+ <listitem><para>the name of the current service, if any.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%P</term>
+ <listitem><para>the root directory of the current service,
+ if any.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%u</term>
+ <listitem><para>user name of the current service, if any.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%g</term>
+ <listitem><para>primary group name of %u.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%H</term>
+ <listitem><para>the home directory of the user given
+ by %u.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%N</term>
+ <listitem><para>the name of your NIS home directory server.
+ This is obtained from your NIS auto.map entry. If you have
+ not compiled Samba with the <emphasis>--with-automount</emphasis>
+ option then this value will be the same as %L.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%p</term>
+ <listitem><para>the path of the service's home directory,
+ obtained from your NIS auto.map entry. The NIS auto.map entry
+ is split up as &quot;%N:%p&quot;.</para></listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>There are some quite creative things that can be done
+ with these substitutions and other smb.conf options.</para>
+</refsect1>
+
+<refsect1 id="NAMEMANGLINGSECT">
+ <title>NAME MANGLING</title>
+
+ <para>Samba supports &quot;name mangling&quot; so that DOS and
+ Windows clients can use files that don't conform to the 8.3 format.
+ It can also be set to adjust the case of 8.3 format filenames.</para>
+
+ <para>There are several options that control the way mangling is
+ performed, and they are grouped here rather than listed separately.
+ For the defaults look at the output of the testparm program. </para>
+
+ <para>All of these options can be set separately for each service
+ (or globally, of course). </para>
+
+ <para>The options are: </para>
+
+ <variablelist>
+
+ <varlistentry>
+ <term>mangle case = yes/no</term>
+ <listitem><para> controls if names that have characters that
+ aren't of the &quot;default&quot; case are mangled. For example,
+ if this is yes then a name like &quot;Mail&quot; would be mangled.
+ Default <emphasis>no</emphasis>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>case sensitive = yes/no</term>
+ <listitem><para>controls whether filenames are case sensitive. If
+ they aren't then Samba must do a filename search and match on passed
+ names. Default <emphasis>no</emphasis>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>default case = upper/lower</term>
+ <listitem><para>controls what the default case is for new
+ filenames. Default <emphasis>lower</emphasis>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>preserve case = yes/no</term>
+ <listitem><para>controls if new files are created with the
+ case that the client passes, or if they are forced to be the
+ &quot;default&quot; case. Default <emphasis>yes</emphasis>.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>short preserve case = yes/no</term>
+ <listitem><para>controls if new files which conform to 8.3 syntax,
+ that is all in upper case and of suitable length, are created
+ upper case, or if they are forced to be the &quot;default&quot;
+ case. This option can be use with &quot;preserve case = yes&quot;
+ to permit long filenames to retain their case, while short names
+ are lowercased. Default <emphasis>yes</emphasis>.</para></listitem>
+ </varlistentry>
+ </variablelist>
+
+ <para>By default, Samba 3.0 has the same semantics as a Windows
+ NT server, in that it is case insensitive but case preserving.</para>
+
+</refsect1>
+
+<refsect1 id="VALIDATIONSECT">
+ <title>NOTE ABOUT USERNAME/PASSWORD VALIDATION</title>
+
+ <para>There are a number of ways in which a user can connect
+ to a service. The server uses the following steps in determining
+ if it will allow a connection to a specified service. If all the
+ steps fail, then the connection request is rejected. However, if one of the
+ steps succeeds, then the following steps are not checked.</para>
+
+ <para>If the service is marked &quot;guest only = yes&quot; and the
+ server is running with share-level security (&quot;security = share&quot;)
+ then steps 1 to 5 are skipped.</para>
+
+
+ <orderedlist continuation="restarts" inheritnum="ignore" numeration="arabic">
+ <listitem><para>If the client has passed a username/password
+ pair and that username/password pair is validated by the UNIX
+ system's password programs then the connection is made as that
+ username. Note that this includes the
+ \\server\service%<replaceable>username</replaceable> method of passing
+ a username.</para></listitem>
+
+ <listitem><para>If the client has previously registered a username
+ with the system and now supplies a correct password for that
+ username then the connection is allowed.</para></listitem>
+
+ <listitem><para>The client's NetBIOS name and any previously
+ used user names are checked against the supplied password, if
+ they match then the connection is allowed as the corresponding
+ user.</para></listitem>
+
+ <listitem><para>If the client has previously validated a
+ username/password pair with the server and the client has passed
+ the validation token then that username is used. </para></listitem>
+
+ <listitem><para>If a &quot;user = &quot; field is given in the
+ <filename moreinfo="none">smb.conf</filename> file for the service and the client
+ has supplied a password, and that password matches (according to
+ the UNIX system's password checking) with one of the usernames
+ from the &quot;user =&quot; field then the connection is made as
+ the username in the &quot;user =&quot; line. If one
+ of the username in the &quot;user =&quot; list begins with a
+ '@' then that name expands to a list of names in
+ the group of the same name.</para></listitem>
+
+ <listitem><para>If the service is a guest service then a
+ connection is made as the username given in the &quot;guest
+ account =&quot; for the service, irrespective of the
+ supplied password.</para></listitem>
+ </orderedlist>
+
+</refsect1>
+
+<refsect1>
+ <title>COMPLETE LIST OF GLOBAL PARAMETERS</title>
+
+ <para>Here is a list of all global parameters. See the section of
+ each parameter for details. Note that some are synonyms.</para>
+
+ <xi:include href="parameters.global.xml" parse="xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
+
+</refsect1>
+
+<refsect1>
+ <title>COMPLETE LIST OF SERVICE PARAMETERS</title>
+
+ <para>Here is a list of all service parameters. See the section on
+ each parameter for details. Note that some are synonyms.</para>
+
+ <xi:include href="parameters.service.xml" parse="xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
+
+</refsect1>
+
+<refsect1>
+ <title>EXPLANATION OF EACH PARAMETER</title>
+
+ <xi:include href="parameters.all.xml" parse="xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
+
+</refsect1>
+
+<refsect1>
+ <title>WARNINGS</title>
+
+ <para>Although the configuration file permits service names
+ to contain spaces, your client software may not. Spaces will
+ be ignored in comparisons anyway, so it shouldn't be a
+ problem - but be aware of the possibility.</para>
+
+ <para>On a similar note, many clients - especially DOS clients -
+ limit service names to eight characters. <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> has no such limitation, but attempts to connect from such
+ clients will fail if they truncate the service names. For this reason
+ you should probably keep your service names down to eight characters
+ in length.</para>
+
+ <para>Use of the [homes] and [printers] special sections make life
+ for an administrator easy, but the various combinations of default
+ attributes can be tricky. Take extreme care when designing these
+ sections. In particular, ensure that the permissions on spool
+ directories are correct.</para>
+</refsect1>
+
+<refsect1>
+ <title>VERSION</title>
+
+ <para>This man page is correct for version 3.0 of the Samba suite.</para>
+</refsect1>
+
+<refsect1>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry><refentrytitle>samba</refentrytitle>
+ <manvolnum>7</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbpasswd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>swat</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>nmbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>smbclient</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>nmblookup</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testparm</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>testprns</refentrytitle>
+ <manvolnum>1</manvolnum></citerefentry>.</para>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>The original Samba software and related utilities
+ were created by Andrew Tridgell. Samba is now developed
+ by the Samba Team as an Open Source project similar
+ to the way the Linux kernel is developed.</para>
+
+ <para>The original Samba man pages were written by Karl Auer.
+ The man page sources were converted to YODL format (another
+ excellent piece of Open Source software, available at <ulink url="ftp://ftp.icce.rug.nl/pub/unix/">
+ ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0
+ release by Jeremy Allison. The conversion to DocBook for
+ Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2
+ for Samba 3.0 was done by Alexander Bokovoy.</para>
+</refsect1>
+
+</refentry>