summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/Samba-Guide/Chap07-2000UserNetwork.xml26
-rw-r--r--docs/Samba-HOWTO-Collection/Group-Mapping.xml8
-rw-r--r--docs/Samba-HOWTO-Collection/ServerType.xml5
-rw-r--r--docs/smbdotconf/logon/logonpath.xml4
-rw-r--r--docs/smbdotconf/security/encryptpasswords.xml18
-rw-r--r--docs/smbdotconf/tuning/hostnamelookups.xml4
6 files changed, 55 insertions, 10 deletions
diff --git a/docs/Samba-Guide/Chap07-2000UserNetwork.xml b/docs/Samba-Guide/Chap07-2000UserNetwork.xml
index fbcf10e02f..e523751c27 100644
--- a/docs/Samba-Guide/Chap07-2000UserNetwork.xml
+++ b/docs/Samba-Guide/Chap07-2000UserNetwork.xml
@@ -899,6 +899,31 @@ passdb backend = ldapsam:ldap://master.abmas.biz \
matches the content of <link linkend="ch7-LDAP-master"/>.
</para></step>
+ <step><para>
+ Create a file called <filename>admin-accts.ldif</filename> with the following contents:
+<screen>
+dn: cn=updateuser,dc=abmas,dc=biz
+objectClass: person
+cn: updateuser
+sn: updateuser
+userpaddword: not24get
+
+dn: cn=sambaadmin,dc=abmas,dc=biz
+objectClass: person
+cn: sambaadmin
+sn: sambaadmin
+userpaddword: buttercup
+</screen>
+ </para></step>
+
+ <step><para>
+ Add an account called <quote>updateuser</quote> to the master LDAP server
+ as shown here:
+<screen>
+&rootprompt; slapadd -v -l admin-accts.ldif
+</screen>
+ <para></step>
+
<step><para><indexterm>
<primary>LDIF</primary>
</indexterm><indexterm>
@@ -1112,7 +1137,6 @@ access to *
updatedn cn=updateuser,dc=abmas,dc=biz
updateref ldap://massive.abmas.biz
-replogfile /var/lib/ldap/replogfile
directory /var/lib/ldap
diff --git a/docs/Samba-HOWTO-Collection/Group-Mapping.xml b/docs/Samba-HOWTO-Collection/Group-Mapping.xml
index eb8a68aa13..278886092f 100644
--- a/docs/Samba-HOWTO-Collection/Group-Mapping.xml
+++ b/docs/Samba-HOWTO-Collection/Group-Mapping.xml
@@ -477,8 +477,14 @@ Domain Guests (S-1-5-21-2547222302-1596225915-2414751004-514) -> domguest
<title>Sample &smb.conf; Add Group Script</title>
<para>
+ <indexterm><primary>smbgrpadd.sh</primary></indexterm>
+ <indexterm><primary>groupadd limitations</primary></indexterm>
A script to create complying group names for use by the Samba group interfaces
- is provided in <link linkend="smbgrpadd.sh">smbgrpadd.sh</link>.
+ is provided in <link linkend="smbgrpadd.sh">smbgrpadd.sh</link>. This script will
+ add a temporary entry in the <filename>/etc/group</filename> file and then rename
+ it to to the desired name. This is an example of a method to get around operating
+ system maintenance tool limititations such as that present in some version of the
+ <command>groupadd</command> tool.
</para>
<indexterm><primary>smbgrpadd.sh</primary></indexterm>
diff --git a/docs/Samba-HOWTO-Collection/ServerType.xml b/docs/Samba-HOWTO-Collection/ServerType.xml
index 8efebcb6c9..042303a337 100644
--- a/docs/Samba-HOWTO-Collection/ServerType.xml
+++ b/docs/Samba-HOWTO-Collection/ServerType.xml
@@ -260,11 +260,6 @@ The &smb.conf; parameter that sets Share Level security is:
<smbconfoption><name>security</name><value>share</value></smbconfoption>
</smbconfblock></para>
-<para>
-There are reports that recent MS Windows clients do not like to work
-with share mode security servers. You are strongly discouraged from using Share Level security.
-</para>
-
</sect3>
</sect2>
diff --git a/docs/smbdotconf/logon/logonpath.xml b/docs/smbdotconf/logon/logonpath.xml
index b7c53b7011..4cd04055c5 100644
--- a/docs/smbdotconf/logon/logonpath.xml
+++ b/docs/smbdotconf/logon/logonpath.xml
@@ -40,6 +40,10 @@
<para>This option takes the standard substitutions, allowing
you to have separate logon scripts for each user or machine.</para>
+ <para>
+ Do not quote the value. Setting this as <quote>\\%N\profile\%U</quote>
+ will break profile handling.
+
<para>Note that this option is only useful if Samba is set up
as a logon server.</para>
</description>
diff --git a/docs/smbdotconf/security/encryptpasswords.xml b/docs/smbdotconf/security/encryptpasswords.xml
index 70ee97ee0a..7c7ef2fcfe 100644
--- a/docs/smbdotconf/security/encryptpasswords.xml
+++ b/docs/smbdotconf/security/encryptpasswords.xml
@@ -8,7 +8,23 @@
will be negotiated with the client. Note that Windows NT 4.0 SP3 and
above and also Windows 98 will by default expect encrypted passwords
unless a registry entry is changed. To use encrypted passwords in
- Samba see the chapter "User Database" in the Samba HOWTO Collection. </para>
+ Samba see the chapter "User Database" in the Samba HOWTO Collection.
+ </para>
+
+ <para>
+ MS Windows clients that expect Microsoft encrypted passwords and that
+ do not have plain text password support enabled will be able to
+ connect only to a Samba server that has encypted password support
+ enabled and for which the user accounts have a valid encrypted password.
+ Refer to the smbpasswd command man page for information regarding the
+ creation of encrypted passwords for user accounts.
+ </para>
+
+ <para>
+ The use of plain text passwords is NOT advised as support for this feature
+ is no longer maintained in Microsoft Windows products. If you want to use
+ plain text passwords you must set this parameter to no.
+ </para>
<para>In order for encrypted passwords to work correctly
<citerefentry><refentrytitle>smbd</refentrytitle>
diff --git a/docs/smbdotconf/tuning/hostnamelookups.xml b/docs/smbdotconf/tuning/hostnamelookups.xml
index 20fd98ce30..890d25e4d9 100644
--- a/docs/smbdotconf/tuning/hostnamelookups.xml
+++ b/docs/smbdotconf/tuning/hostnamelookups.xml
@@ -11,6 +11,6 @@
</para>
</description>
-<value type="default">yes</value>
-<value type="example">no</value>
+<value type="default">no</value>
+<value type="example">yes</value>
</samba:parameter>