summaryrefslogtreecommitdiff
path: root/docs-xml/smbdotconf/security
AgeCommit message (Collapse)AuthorFilesLines
2013-09-17docs: point out side-effects of global "valid users" setting.Günther Deschner1-0/+10
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Tue Sep 17 16:20:16 CEST 2013 on sn-devel-104
2013-06-11auth: Remove "password level"Andrew Bartlett1-48/+0
We now only lowercase the password, we do not attempt to find another case combination that the password might be in. This option is already depricated, so it is now time to remove it. Andrew Bartlett Reviewed-by: Simo Sorce <idra@samba.org>
2013-02-20ntdb: switch between secrets.tdb and secrets.ntdb depending on 'use ntdb'Rusty Russell2-3/+3
Since we open with dbwrap, it auto-converts old tdbs (which it will rename to secrets.tdb.bak once it's done). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date(master): Wed Feb 20 07:09:19 CET 2013 on sn-devel-104
2013-02-14docs: fix typo in serverrole.xmlSamba-JP oota1-1/+1
Reviewed-by: David Disseldorp <ddiss@samba.org> Autobuild-User(master): David Disseldorp <ddiss@samba.org> Autobuild-Date(master): Thu Feb 14 18:43:57 CET 2013 on sn-devel-104
2012-12-05Documentation fixes for bug #9462 - Users can not be given write permissions ↵Jeremy Allison8-36/+4
any more by default Ensure we don't apply the masks + force modes on security setting changes, only on create. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
2012-10-19smb.conf(5): Mark four removed parameters as such.Jelmer Vernooij4-2/+6
2012-10-19smb.conf(5): Fix mixing of tabs and spaces.Jelmer Vernooij3-4/+4
2012-10-18smb.conf(5): Add basic documentation for 'tls dh params file'.Jelmer Vernooij1-0/+18
2012-10-18smb.conf(5): Add basic documentation for 'tls enabled'.Jelmer Vernooij1-0/+11
2012-10-18smb.conf(5): Add basic documentation for 'tls crlfile'.Jelmer Vernooij1-0/+17
2012-10-18smb.conf(5): Add basic documentation for 'tls certfile'.Jelmer Vernooij1-0/+17
2012-10-18smb.conf(5): Add basic documentation for 'tls keyfile'.Jelmer Vernooij2-2/+18
2012-10-18smb.conf(5): Add basic documentation for 'tls cafile'.Jelmer Vernooij1-0/+20
2012-10-18smb.conf(5): Add basic documentation for 'log nt token command'.Jelmer Vernooij1-0/+14
2012-10-18smb.conf(5): Add basic documentation for 'ntp signd socket directory'.Jelmer Vernooij1-0/+17
2012-10-18smb.conf(5): Add basic documentation for 'samba kcc command'.Jelmer Vernooij1-0/+19
2012-10-08docs: fix opening and ending tag mismatch: paraBjörn Baumbach1-4/+4
in forcedirectorysecuritymode.xml.
2012-10-08docs: fix opening and ending tag mismatch: paraBjörn Baumbach1-4/+4
in directorysecuritymask.xml.
2012-10-04Remove the parameters:Jeremy Allison8-133/+33
security mask force security mode directory security mask force directory security mode and update the docs.
2012-10-03Correct fix for bug #9222 - smbd ignores the "server signing = no" setting ↵Jeremy Allison1-6/+11
for SMB2. Signing cannot be disabled for SMB2 by design, so fix the documentation instead. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Oct 3 23:47:23 CEST 2012 on sn-devel-104
2012-09-27smb.conf(5): Consistent spelling of parameter names.Jelmer Vernooij1-1/+1
This includes spacing and casing. Conflicts: source4/scripting/python/samba/tests/docs.py
2012-09-26smb.conf(5): Add basic documentation for 'kpasswd port'.Jelmer Vernooij1-0/+12
2012-09-26smb.conf(5): Add basic documentation for 'krb5 port'.Jelmer Vernooij1-0/+11
2012-09-26smb.conf(5): 'write ok' is a reverse synonym for 'read only'.Jelmer Vernooij1-0/+1
2012-09-04docs: Remove references to security=share and security=server from the ↵Andrew Bartlett8-83/+12
smb.conf docs
2012-07-03doc: Remove all references to 'printer admin' option.Andreas Schneider1-27/+0
2012-06-15docs: document new server role valuesAndrew Bartlett1-2/+24
2012-06-11s3/doc: some spelling fixesBjörn Jacke5-6/+6
Thanks to Frans Luteijn <f.a.g.luteijn at knoware.nl> for providing the fixes! Autobuild-User(master): Björn Jacke <bj@sernet.de> Autobuild-Date(master): Mon Jun 11 23:16:26 CEST 2012 on sn-devel-104
2012-05-15docs-xml: remove documentation of "SECURITY = SERVER"Stefan Metzmacher1-32/+0
metze
2012-05-11s3-loadparm: Add synonym "private directory".Karolin Seeger1-0/+1
Karolin Autobuild-User: Karolin Seeger <kseeger@samba.org> Autobuild-Date: Fri May 11 13:04:03 CEST 2012 on sn-devel-104
2012-03-04s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett4-169/+16
This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
2012-02-16docs-xml: remove docs for "send spnego principal"Stefan Metzmacher1-28/+0
metze
2011-11-17docs: Add documentation for server roleAndrew Bartlett2-1/+75
2011-06-01s3-param Make lp_passwordserver() const.Andrew Bartlett1-8/+0
This means that it no longer takes % substituations, and so the documentation for this behaviour is removed from the smb.conf manpage. (This mode is only useful in security=server, which is already marked as deprecated in 3.6). Andrew Bartlett
2011-05-25docs: Rewrite 'password server' documentationAndrew Bartlett1-52/+54
I think this new version is more clear. Andrew Bartlett
2011-05-25docs: Clarify the 'security=server' fails for NTLMv2Andrew Bartlett1-0/+3
2011-05-13s3-param Deprecate a number of security parameters for 3.6Andrew Bartlett3-78/+68
This follows up on the agreement on the samba-technical list in Jan 2011 to deprecate these options, and to possibly remove these in the 4.0 release after user feedback. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Fri May 13 19:51:41 CEST 2011 on sn-devel-104
2010-12-10s3-docs Add docs for 'client use spnego principal' and 'send spengo principal'Andrew Bartlett2-0/+56
Andrew Bartlett
2010-12-10s3-docs Explain change to NTLMv2 by default in the clientAndrew Bartlett1-6/+7
2010-11-22s3: Fix some typosVolker Lendecke1-1/+1
2010-08-16s3-auth: Remove docs about obsolete 'update encrypted' option.Andreas Schneider1-34/+0
2010-07-19s3-docs: Add more verbose description of "username map cache time".Volker Lendecke1-7/+16
2010-04-13s3: Cache the username map in gencacheVolker Lendecke1-0/+18
This is for uses with a heavy-weight username map script
2009-11-06Fix bug 6865 - acl_xattr module: Has dependency that inherit acls = yes or ↵Jeremy Allison1-0/+5
xattrs are removed. Jeremy.
2009-10-26s3:docs: Public is not a synonym for access based shareenum.Karolin Seeger1-1/+0
Fix build warning. Karolin
2009-10-03s3:doc: add some detail about lanman auth parameterBjörn Jacke1-0/+7
add interesting detail: lm passwords will be removed from databaѕe with lanman auth = no
2009-06-30s3 docs: Add documentation for 'kerberos method' and 'dedicated keytab file' ↵Tim Prouty2-0/+54
parameters
2009-06-19s3/docs: Fix typo.Karolin Seeger1-1/+1
This fixes bug #6412. Thanks to Carsten Dumke <carsten [at] cdumke.de> for reporting! Karolin
2009-05-27s3: update manpage as to the new passdb backend defaultBjörn Jacke1-3/+5
2009-05-26s3/docs Add manpage for "map untrusted to domain" parameterSteven Danneman1-0/+33
This fixes bug 6352.