From 8f8a9f01909ba29e2b781310baeeaaddc3f15f0d Mon Sep 17 00:00:00 2001
From: "Gerald W. Carter" <jerry@samba.org>
Date: Tue, 22 Apr 2008 10:09:40 -0500
Subject: Moving docs tree to docs-xml to make room for generated docs in the
 release tarball. (This used to be commit
 9f672c26d63955f613088489c6efbdc08b5b2d14)

---
 docs-xml/smbdotconf/security/passwdchat.xml | 60 +++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 docs-xml/smbdotconf/security/passwdchat.xml

(limited to 'docs-xml/smbdotconf/security/passwdchat.xml')

diff --git a/docs-xml/smbdotconf/security/passwdchat.xml b/docs-xml/smbdotconf/security/passwdchat.xml
new file mode 100644
index 0000000000..da18142dfa
--- /dev/null
+++ b/docs-xml/smbdotconf/security/passwdchat.xml
@@ -0,0 +1,60 @@
+<samba:parameter name="passwd chat"
+                 context="G"
+		 type="string"
+                 advanced="1" developer="1"
+                 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+    <para>This string controls the <emphasis>&quot;chat&quot;</emphasis> 
+    conversation that takes places between <citerefentry><refentrytitle>smbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> and the local password changing
+    program to change the user's password. The string describes a 
+    sequence of response-receive pairs that <citerefentry><refentrytitle>smbd</refentrytitle>
+    <manvolnum>8</manvolnum></citerefentry> uses to determine what to send to the 
+    <smbconfoption name="passwd program"/> and what to expect back. If the expected output is not 
+    received then the password is not changed.</para>
+
+    <para>This chat sequence is often quite site specific, depending 
+    on what local methods are used for password control (such as NIS 
+    etc).</para>
+
+    <para>Note that this parameter only is only used if the <smbconfoption
+    name="unix password sync"/> parameter is set  to <constant>yes</constant>. This sequence is 
+    then called <emphasis>AS ROOT</emphasis> when the SMB password  in the 
+    smbpasswd file is being changed, without access to the old password
+    cleartext. This means that root must be able to reset the user's password without
+    knowing the text of the previous password. In the presence of
+    NIS/YP,  this means that the <smbconfoption name="passwd program"/> must
+    be executed on the NIS master.
+    </para>
+
+    <para>The string can contain the macro <parameter
+    moreinfo="none">%n</parameter> which is substituted 
+    for the new password.  The old passsword (<parameter 
+    moreinfo="none">%o</parameter>) is only available when
+    <smbconfoption name="encrypt passwords"/> has been disabled.
+    The chat sequence can also contain the standard macros 
+    \n, \r, \t and \s to give line-feed, carriage-return, tab 
+    and space.  The chat sequence string can also contain 
+    a '*' which matches any sequence of characters. Double quotes can 
+    be used to collect strings with spaces in them into a single 
+    string.</para>
+
+    <para>If the send string in any part of the chat sequence  is a full
+    stop &quot;.&quot;,  then no string is sent. Similarly,  if the
+    expect string is a full stop then no string is expected.</para>
+
+    <para>If the <smbconfoption name="pam password change"/> parameter is set to <constant>yes</constant>, the
+	chat pairs may be matched in any order, and success is determined by the PAM result, not any particular
+	output. The \n macro is ignored for PAM conversions.
+    </para>
+
+</description>
+
+<related>unix password sync</related>
+<related>passwd program</related>
+<related>passwd chat debug</related>
+<related>pam password change</related>
+
+<value type="default">*new*password* %n\n*new*password* %n\n *changed*</value>
+<value type="example">&quot;*Enter NEW password*&quot; %n\n &quot;*Reenter NEW password*&quot; %n\n &quot;*Password changed*&quot;</value>
+</samba:parameter>
-- 
cgit