From ad0e01e75059bedde6400529f1a5193ef9735e9b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 25 Oct 2002 15:15:32 +0000 Subject: sync from HEAD (This used to be commit 2eb7f0acd761a11bb0f24010347247074c5ed49a) --- docs/docbook/manpages/findsmb.1.sgml | 2 +- docs/docbook/manpages/make_smbcodepage.1.sgml | 197 ------------- docs/docbook/manpages/make_unicodemap.1.sgml | 172 ----------- docs/docbook/manpages/net.8.sgml | 287 +++++++++++++++++- docs/docbook/manpages/nmbd.8.sgml | 4 +- docs/docbook/manpages/nmblookup.1.sgml | 12 +- docs/docbook/manpages/pdbedit.8.sgml | 32 ++ docs/docbook/manpages/smb.conf.5.sgml | 403 ++++++++++++-------------- docs/docbook/manpages/smbpasswd.5.sgml | 2 +- docs/docbook/manpages/winbindd.8.sgml | 31 +- 10 files changed, 551 insertions(+), 591 deletions(-) delete mode 100644 docs/docbook/manpages/make_smbcodepage.1.sgml delete mode 100644 docs/docbook/manpages/make_unicodemap.1.sgml (limited to 'docs/docbook/manpages') diff --git a/docs/docbook/manpages/findsmb.1.sgml b/docs/docbook/manpages/findsmb.1.sgml index 7b2371fdb7..fb953b9f25 100644 --- a/docs/docbook/manpages/findsmb.1.sgml +++ b/docs/docbook/manpages/findsmb.1.sgml @@ -98,7 +98,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION VERSION - This man page is correct for version 2.2 of + This man page is correct for version 3.0 of the Samba suite. diff --git a/docs/docbook/manpages/make_smbcodepage.1.sgml b/docs/docbook/manpages/make_smbcodepage.1.sgml deleted file mode 100644 index 774b3d8f8b..0000000000 --- a/docs/docbook/manpages/make_smbcodepage.1.sgml +++ /dev/null @@ -1,197 +0,0 @@ - - - - - make_smbcodepage - 1 - - - - - make_smbcodepage - construct a codepage file for Samba - - - - - make_smbcodepage - c|d - codepage - inputfile - outputfile - - - - - DESCRIPTION - - This tool is part of the - Samba suite. - - make_smbcodepage compiles or de-compiles - codepage files for use with the internationalization features - of Samba 2.2 - - - - - - OPTIONS - - - - c|d - This tells make_smbcodepage - if it is compiling (c) a text format code - page file to binary, or (d) de-compiling - a binary codepage file to text. - - - - codepage - This is the codepage we are processing (a - number, e.g. 850). - - - - - inputfile - This is the input file to process. In - the c case, this will be a text - codepage definition file such as the ones found in the Samba - source/codepages directory. In - the d case, this will be the - binary format codepage definition file normally found in - the lib/codepages directory in the - Samba install directory path. - - - - - outputfile - This is the output file to produce. - - - - - - Samba Codepage Files - - A text Samba codepage definition file is a description - that tells Samba how to map from upper to lower case for - characters greater than ascii 127 in the specified DOS code page. - Note that for certain DOS codepages (437 for example) mapping - from lower to upper case may be non-symmetrical. For example, in - code page 437 lower case a acute maps to a plain upper case A - when going from lower to upper case, but plain upper case A maps - to plain lower case a when lower casing a character. - - A binary Samba codepage definition file is a binary - representation of the same information, including a value that - specifies what codepage this file is describing. - - As Samba does not yet use UNICODE (current for Samba version 2.2) - you must specify the client code page that your DOS and Windows - clients are using if you wish to have case insensitivity done - correctly for your particular language. The default codepage Samba - uses is 850 (Western European). Text codepage definition sample files - are provided in the Samba distribution for codepages 437 (USA), 737 (Greek), - 850 (Western European) 852 (MS-DOS Latin 2), 861 (Icelandic), 866 (Cyrillic), - 932 (Kanji SJIS), 936 (Simplified Chinese), 949 (Hangul) and 950 (Traditional - Chinese). Users are encouraged to write text codepage definition files for - their own code pages and donate them to samba@samba.org. All codepage files - in the Samba source/codepages directory are - compiled and installed when a 'make install' - command is issued there. - - The client codepage used by the smbd server - is configured using the client code page parameter - in the smb.conf file. - - - - - Files - - codepage_def.<codepage> - - These are the input (text) codepage files provided in the - Samba source/codepages directory. - - A text codepage definition file consists of multiple lines - containing four fields. These fields are: - - - lower: which is the - (hex) lower case character mapped on this line. - - - upper: which is the (hex) - upper case character that the lower case character will map to. - - - map upper to lower which - is a boolean value (put either True or False here) which tells - Samba if it is to map the given upper case character to the - given lower case character when lower casing a filename. - - - map lower to upper which - is a boolean value (put either True or False here) which tells - Samba if it is to map the given lower case character to the - given upper case character when upper casing a filename. - - - - - codepage.<codepage> - These are the - output (binary) codepage files produced and placed in the Samba - destination lib/codepage directory. - - - - Installation - - The location of the server and its support files is a - matter for individual system administrators. The following are - thus suggestions only. - - It is recommended that the make_smbcodepage - program be installed under the /usr/local/samba - hierarchy, in a directory readable by all, writeable - only by root. The program itself should be executable by all. The - program should NOT be setuid or setgid! - - - - VERSION - - This man page is correct for version 2.2 of - the Samba suite. - - - - SEE ALSO - smbd(8), - smb.conf(5) - - - - - AUTHOR - - The original Samba software and related utilities - were created by Andrew Tridgell. Samba is now developed - by the Samba Team as an Open Source project similar - to the way the Linux kernel is developed. - - The original Samba man pages were written by Karl Auer. - The man page sources were converted to YODL format (another - excellent piece of Open Source software, available at - - ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 - release by Jeremy Allison. The conversion to DocBook for - Samba 2.2 was done by Gerald Carter - - - diff --git a/docs/docbook/manpages/make_unicodemap.1.sgml b/docs/docbook/manpages/make_unicodemap.1.sgml deleted file mode 100644 index 5e7292341b..0000000000 --- a/docs/docbook/manpages/make_unicodemap.1.sgml +++ /dev/null @@ -1,172 +0,0 @@ - - - - - make_unicodemap - 1 - - - - - make_unicodemap - construct a unicode map file for Samba - - - - - make_unicodemap - codepage - inputfile - outputfile - - - - - - - DESCRIPTION - - - This tool is part of the Samba - suite. - - - - make_unicodemap compiles text unicode map - files into binary unicode map files for use with the - internationalization features of Samba 2.2. - - - - - - - OPTIONS - - - - codepage - This is the codepage or UNIX character - set we are processing (a number, e.g. 850). - - - - - inputfile - This is the input file to process. This is a - text unicode map file such as the ones found in the Samba - source/codepages directory. - - - - - outputfile - This is the binary output file to produce. - - - - - - - - Samba Unicode Map Files - - - A text Samba unicode map file is a description that tells Samba - how to map characters from a specified DOS code page or UNIX character - set to 16 bit unicode. - - - A binary Samba unicode map file is a binary representation - of the same information, including a value that specifies what - codepage or UNIX character set this file is describing. - - - - - Files - - CP<codepage>.TXT - - - These are the input (text) unicode map files provided - in the Samba source/codepages - directory. - - - - A text unicode map file consists of multiple lines - containing two fields. These fields are : - - - - character - which is - the (hex) character mapped on this line. - - - unicode - which - is the (hex) 16 bit unicode character that the character - will map to. - - - - - unicode_map.<codepage> - These are - the output (binary) unicode map files produced and placed in - the Samba destination lib/codepage - directory. - - - - - - Installation - - - The location of the server and its support files is a matter - for individual system administrators. The following are thus - suggestions only. - - - - It is recommended that the make_unicodemap - program be installed under the - $prefix/samba hierarchy, - in a directory readable by all, writeable only by root. The - program itself should be executable by all. The program - should NOT be setuid or setgid! - - - - - VERSION - - This man page is correct for version 2.2 of - the Samba suite. - - - - SEE ALSO - smbd(8), - smb.conf(5) - - - - - AUTHOR - - The original Samba software and related utilities - were created by Andrew Tridgell. Samba is now developed - by the Samba Team as an Open Source project similar - to the way the Linux kernel is developed. - - The original Samba man pages were written by Karl Auer. - The man page sources were converted to YODL format (another - excellent piece of Open Source software, available at - - ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 - release by Jeremy Allison. The conversion to DocBook for - Samba 2.2 was done by Gerald Carter - - - diff --git a/docs/docbook/manpages/net.8.sgml b/docs/docbook/manpages/net.8.sgml index 5b822ccfe6..aab9032f14 100644 --- a/docs/docbook/manpages/net.8.sgml +++ b/docs/docbook/manpages/net.8.sgml @@ -17,6 +17,25 @@ net <ads|rap|rpc> + -h + -w workgroup + -W myworkgroup + -U user + -I ip-address + -p port + -n myname + -s conffile + -S server + -C comment + -M maxusers + -F flags + -j jobid + -l + -r + -f + -t timeout + -P + -D debuglevel @@ -26,23 +45,283 @@ This tool is part of the Samba suite. - + The samba net utility is meant to work just like the net utility + available for windows and DOS. + OPTIONS - + + + -h + + Display summary of all available options. + + + + + + -w target-workgroup + + Sets target workgroup or domain. You have to specify either this option or the IP address or the name of a server. + + + + + -W workgroup + + Sets client workgroup or domain + + + + + -U user + + User name to use + + + + + -I ip-address + + IP address of target server to use. You have to specify either this option or a target workgroup or a target server. + + + + + -p port + + Port on the target server to connect to. + + + + + -n myname + + Sets name of the client. + + + + + -s conffile + + Specify alternative configuration file that should be loaded. + + + + + -S server + + Name of target server. You should specify either this option or a target workgroup or a target IP address. + + + + + -C comment + + FIXME + + + + + -M maxusers + + FIXME + + + + + -F flags + + FIXME + + + + + -j jobid + + FIXME + + + + + -l + + FIXME + + + + + -r + + FIXME + + + + + -f + + FIXME + + + + + -t timeout + + FIXME + + + + + -P + + Make queries to the external server using the machine account of the local server. + + + + -D debuglevel + set the debuglevel. Debug level 0 is the lowest + and 100 being the highest. This should be set to 100 if you are + planning on submitting a bug report to the Samba team (see + BUGS.txt). + + + - COMMANDS + TIME + + The NET TIME command allows you to view the time on a remote server + or synchronise the time on the local server with the time on the remote server. + + + + + + Without any options, the NET TIME command + displays the time on the remote server. + + + + + SYSTEM + + Displays the time on the remote server in a format ready for /bin/date + + + + + SET + + Tries to set the date and time of the local server to that on + the remote server using /bin/date. + + + + + ZONE + + Displays the timezone in hours from GMT on the remote computer. + + + + + + + RPC + + The NET RPC command allows you to do various + NT4 operations. + + + + JOIN -U username[%password] [options] + + Join a domain with specified username and password. Password + will be prompted if none is specified. + + + + + JOIN [options except -U] + + to join a domain created in server manager + + + + + USER [misc. options] [targets] + + List users + + + + + USER DELETE <name> [misc options] + + delete specified user + + + + + USER INFO <name> [misc options] + + list the domain groups of the specified user + + + + + USER ADD <name> [password] [-F user flags] [misc. options + + Add specified user + + + + + GROUP [misc options] [targets] + + List user groups + + + + + GROUP DELETE <name> [misc. options] [targets] + + Delete specified group + + + + + GROUP ADD <name> [-C comment] + + Create specified group + + + + SHARE [misc. options] [targets] + + enumerates all exported resources (network shares) on target server + + - + + SHARE ADD <name=serverpath> [misc. options] [targets] + + Adds a share from a server (makes the export active) + + + + SHARE DELETE <sharenam + + + diff --git a/docs/docbook/manpages/nmbd.8.sgml b/docs/docbook/manpages/nmbd.8.sgml index 2b8e066120..bd8bf964f1 100644 --- a/docs/docbook/manpages/nmbd.8.sgml +++ b/docs/docbook/manpages/nmbd.8.sgml @@ -1,3 +1,4 @@ +2Q @@ -20,7 +21,6 @@ -a -i -o - -P -h -V -d <debug level> @@ -39,7 +39,7 @@ nmbd is a server that understands and can reply to NetBIOS over IP name service requests, like those produced by SMB/CIFS clients such as Windows 95/98/ME, - Windows NT, Windows 2000, and LanManager clients. It also + Windows NT, Windows 2000, Windows XP and LanManager clients. It also participates in the browsing protocols which make up the Windows "Network Neighborhood" view. diff --git a/docs/docbook/manpages/nmblookup.1.sgml b/docs/docbook/manpages/nmblookup.1.sgml index 67efac5634..33ae631ed9 100644 --- a/docs/docbook/manpages/nmblookup.1.sgml +++ b/docs/docbook/manpages/nmblookup.1.sgml @@ -28,6 +28,7 @@ -s <smb config file> -i <NetBIOS scope> -T + -f name @@ -182,6 +183,15 @@ pair that is the normal output. + + -f + + Show which flags apply to the name that has been looked up. Possible + answers are zero or more of: Response, Authoritative, + Truncated, Recursion_Desired, Recursion_Available, Broadcast. + + + name @@ -217,7 +227,7 @@ VERSION - This man page is correct for version 2.2 of + This man page is correct for version 3.0 of the Samba suite. diff --git a/docs/docbook/manpages/pdbedit.8.sgml b/docs/docbook/manpages/pdbedit.8.sgml index 45ccbaee64..fd8ce375e5 100644 --- a/docs/docbook/manpages/pdbedit.8.sgml +++ b/docs/docbook/manpages/pdbedit.8.sgml @@ -31,6 +31,8 @@ -e passdb-backend -b passdb-backend -D debuglevel + -P account-policy + -V value @@ -268,6 +270,36 @@ Example: pdbedit -b xml:/root/pdb-backup.xml -l + + + -P account-policy + Display an account policy + Valid policies are: minimum password age, reset count minutes, disconnect time, + user must logon to change password, password history, lockout duration, min password length, + maximum password age and bad lockout attempt. + + Example: pdbedit -P "bad lockout attempt" + + account policy value for bad lockout attempt is 0 + + + + + + + -V account-policy-value + Sets an account policy to a specified value. + This option may only be used in conjunction + with the -P option. + + Example: pdbedit -P "bad lockout attempt" -V 3 + + account policy value for bad lockout attempt was 0 + account policy value for bad lockout attempt is now 3 + + + + diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml index c0893f1005..a1f767185c 100644 --- a/docs/docbook/manpages/smb.conf.5.sgml +++ b/docs/docbook/manpages/smb.conf.5.sgml @@ -109,7 +109,7 @@ [foo] path = /home/bar - writeable = true + read only = no @@ -124,9 +124,9 @@ [aprinter] path = /usr/spool/public - writeable = false - printable = true - guest ok = true + read only = yes + printable = yes + guest ok = yes @@ -195,7 +195,7 @@ [homes] - writeable = yes + read only = no @@ -333,29 +333,6 @@ might be relevant. These are: - - %S - the name of the current service, if any. - - - - - %P - the root directory of the current service, - if any. - - - - %u - user name of the current service, if any. - - - - - %g - primary group name of %u. - - %U session user name (the user name that the client @@ -367,17 +344,6 @@ primary group name of %U. - - %H - the home directory of the user given - by %u. - - - - %v - the Samba version. - - %h the Internet hostname that Samba is running @@ -408,22 +374,6 @@ - - %N - the name of your NIS home directory server. - This is obtained from your NIS auto.map entry. If you have - not compiled Samba with the --with-automount - option then this value will be the same as %L. - - - - - %p - the path of the service's home directory, - obtained from your NIS auto.map entry. The NIS auto.map entry - is split up as "%N:%p". - - %R the selected protocol level after @@ -458,6 +408,11 @@ %T the current date and time. + + + %D + Name of the domain or workgroup of the current user. + %$(envvar) @@ -466,6 +421,56 @@ + The following substitutes apply only to some configuration options(only those + that are used when a connection has been established): + + + + %S + the name of the current service, if any. + + + + + %P + the root directory of the current service, + if any. + + + + %u + user name of the current service, if any. + + + + + %g + primary group name of %u. + + + + %H + the home directory of the user given + by %u. + + + + %N + the name of your NIS home directory server. + This is obtained from your NIS auto.map entry. If you have + not compiled Samba with the --with-automount + option then this value will be the same as %L. + + + + + %p + the path of the service's home directory, + obtained from your NIS auto.map entry. The NIS auto.map entry + is split up as "%N:%p". + + + There are some quite creative things that can be done with these substitutions and other smb.conf options. @@ -528,7 +533,7 @@ - By default, Samba 2.2 has the same semantics as a Windows + By default, Samba 3.0 has the same semantics as a Windows NT server, in that it is case insensitive but case preserving. @@ -630,8 +635,6 @@ disable spoolss display charset dns proxy - domain admin group - domain guest group domain logons domain master dos charset @@ -642,6 +645,7 @@ hide local users hide unreadable hide unwriteable files + hide special files homedir map host msdfs hostname lookups @@ -763,6 +767,7 @@ update encrypted use mmap use rhosts + use sendfile username level username map utmp @@ -897,7 +902,6 @@ set directory share modes short preserve case - status strict allocate strict locking strict sync @@ -1394,12 +1398,12 @@ request has a time limit associated with it. If this parameter is set and the lock range requested - cannot be immediately satisfied, Samba 2.2 will internally + cannot be immediately satisfied, samba will internally queue the lock request, and periodically attempt to obtain the lock until the timeout period expires. - If this parameter is set to false, then - Samba 2.2 will behave as previous versions of Samba would and + If this parameter is set to no, then + samba will behave as previous versions of Samba would and will fail the lock request immediately if the lock range cannot be obtained. @@ -1447,7 +1451,7 @@ This controls whether smbd(8) will serve a browse list to a client doing a NetServerEnum call. Normally - set to true. You should never need to change + set to yes. You should never need to change this. Default: browse list = yes @@ -1747,7 +1751,7 @@ debug timestamp (G) - Samba 2.2 debug log messages are timestamped + Samba debug log messages are timestamped by default. If you are running at a high debug level these timestamps can be distracting. This boolean parameter allows timestamping @@ -2031,11 +2035,11 @@ This option is used when Samba is attempting to delete a directory that contains one or more vetoed directories (see the veto files - option). If this option is set to false (the default) then if a vetoed + option). If this option is set to no (the default) then if a vetoed directory contains any non-vetoed files or directories then the directory delete will fail. This is usually what you want. - If this option is set to true, then Samba + If this option is set to yes, then Samba will attempt to recursively delete any files and directories within the vetoed directory. This can be useful for integration with file serving systems such as NetAtalk which create meta-files within @@ -2291,56 +2295,9 @@ - - - domain admin group (G) - This parameter is intended as a temporary solution - to enable users to be a member of the "Domain Admins" group when - a Samba host is acting as a PDC. A complete solution will be provided - by a system for mapping Windows NT/2000 groups onto UNIX groups. - Please note that this parameter has a somewhat confusing name. It - accepts a list of usernames and of group names in standard - smb.conf notation. - - - See also domain - guest group, domain - logons - - - Default: no domain administrators - Example: domain admin group = root @wheel - - - - - - - - domain guest group (G) - This parameter is intended as a temporary solution - to enable users to be a member of the "Domain Guests" group when - a Samba host is acting as a PDC. A complete solution will be provided - by a system for mapping Windows NT/2000 groups onto UNIX groups. - Please note that this parameter has a somewhat confusing name. It - accepts a list of usernames and of group names in standard - smb.conf notation. - - - See also domain - admin group, domain - logons - - - Default: no domain guests - Example: domain guest group = nobody @guest - - - - domain logons (G) - If set to true, the Samba server will serve + If set to yes, the Samba server will serve Windows 95/98 Domain logons for the workgroup it is in. Samba 2.2 also has limited capability to act as a domain controller for Windows @@ -2478,7 +2435,7 @@ default, Samba runs with POSIX semantics and refuses to change the timestamp on a file if the user smbd is acting on behalf of is not the file owner. Setting this option to - true allows DOS semantics and smbd will change the file + yes allows DOS semantics and smbd will change the file timestamp as DOS requires. Default: dos filetimes = no @@ -2870,7 +2827,7 @@ caching algorithm will be used to reduce the time taken for getwd() calls. This can have a significant impact on performance, especially when the wide links - parameter is set to false. + parameter is set to no. Default: getwd cache = yes @@ -3026,10 +2983,21 @@ + + hide special files (G) + This parameter prevents clients from seeing + special files such as sockets, devices and fifo's in directory + listings. + + + Default: hide special files = no + + + homedir map (G) Ifnis homedir - is true, and is yes, and smbd(8) is also acting as a Win95/98 logon server then this parameter specifies the NIS (or YP) map from which the server for the user's @@ -3603,7 +3571,7 @@ oplocks are supported then level2 oplocks are not granted (even if this parameter is set to yes). Note also, the oplocks - parameter must be set to true on this share in order for + parameter must be set to yes on this share in order for this parameter to have any effect. See also the oplocks @@ -3624,10 +3592,10 @@ nmbd(8) will produce Lanman announce broadcasts that are needed by OS/2 clients in order for them to see the Samba server in their browse list. This parameter can have three - values, true, false, or + values, yes, no, or auto. The default is auto. - If set to false Samba will never produce these - broadcasts. If set to true Samba will produce + If set to no Samba will never produce these + broadcasts. If set to yes Samba will produce Lanman announce broadcasts at a frequency set by the parameter lm interval. If set to auto Samba will not send Lanman announce broadcasts by default but will @@ -3682,15 +3650,15 @@ local master (G) This option allows nmbd(8) to try and become a local master browser - on a subnet. If set to false then + on a subnet. If set to no then nmbd will not attempt to become a local master browser on a subnet and will also lose in all browsing elections. By - default this value is set to true. Setting this value to true doesn't + default this value is set to yes. Setting this value to yes doesn't mean that Samba will become the local master browser on a subnet, just that nmbd will participate in elections for local master browser. - Setting this value to false will cause nmbd + Setting this value to no will cause nmbd never to become a local master browser. Default: local master = yes @@ -4324,10 +4292,21 @@ a better algorithm (generates less collisions) in the names. However, many Win32 applications store the mangled names and so changing to the new algorithm must not be done - lightly as these applications may break unless reinstalled. - New installations of Samba may set the default to hash2. - Default: mangling method = hash - Example: mangling method = hash2 + lightly as these applications may break unless reinstalled. + Default: mangling method = hash2 + Example: mangling method = hash + + + + + mangle prefix (G) + controls the number of prefix + characters from the original name used when generating + the mangled names. A larger value will give a weaker + hash and therefore more name collisions. The minimum + value is 1 and the maximum value is 6. + Default: mangle prefix = 1 + Example: mangle prefix = 4 @@ -5454,7 +5433,7 @@ if the expect string is a full stop then no string is expected. If the pam - password change parameter is set to true, the chat pairs + password change parameter is set to yes, the chat pairs may be matched in any order, and success is determined by the PAM result, not any particular output. The \n macro is ignored for PAM conversions. @@ -5516,7 +5495,7 @@ it. Note that if the unix - password sync parameter is set to true + password sync parameter is set to yes then this program is called AS ROOT before the SMB password in the smbpasswd(5) file is changed. If this UNIX password change fails, then @@ -5527,7 +5506,7 @@ is set this parameter MUST USE ABSOLUTE PATHS for ALL programs called, and must be examined for security implications. Note that by default unix - password sync is set to false. + password sync is set to no. See also unix password sync. @@ -5816,7 +5795,7 @@ url="nmbd.8.html">nmbd(8) is a preferred master browser for its workgroup. - If this is set to true, on startup, nmbd + If this is set to yes, on startup, nmbd will force an election, and it will have a slight advantage in winning the election. It is recommended that this parameter is used in conjunction with @@ -5849,7 +5828,7 @@ - preload + preload (G) This is a list of services that you want to be automatically added to the browse lists. This is most useful for homes and printers services that would otherwise not be @@ -5990,7 +5969,7 @@ Note that a printable service will ALWAYS allow writing to the service path (user privileges permitting) via the spooling - of print data. The writeable + of print data. The read only parameter controls only non-printing access to the resource. @@ -6356,7 +6335,7 @@ This is a list of users that are given read-only access to a service. If the connecting user is in this list then they will not be given write access, no matter what the writeable + linkend="READONLY">read only option is set to. The list can include group names using the syntax described in the invalid users parameter. @@ -6375,8 +6354,18 @@ read only (S) - Note that this is an inverted synonym for writeable. + An inverted synonym is + writeable. + + If this parameter is yes, then users + of a service may not create or modify files in the service's + directory. + + Note that a printable service (printable = yes) + will ALWAYS allow writing to the directory + (user privileges permitting), but only via spooling operations. + + Default: read only = yes @@ -6521,10 +6510,10 @@ restrict anonymous (G) - This is a boolean parameter. If it is true, then + This is a boolean parameter. If it is yes, then anonymous access to the server will be restricted, namely in the case where the server is expecting the client to send a username, - but it doesn't. Setting it to true will force these anonymous + but it doesn't. Setting it to yes will force these anonymous connections to be denied, and the client will be required to always supply a username and password when connecting. Use of this parameter is only recommended for homogeneous NT client environments. @@ -6534,7 +6523,7 @@ likes to use anonymous connections when refreshing the share list, and this is a way to work around that. - When restrict anonymous is true, all anonymous connections + When restrict anonymous is yes, all anonymous connections are denied no matter what they are for. This can effect the ability of a machine to access the Samba Primary Domain Controller to revalidate its machine account after someone else has logged on the client @@ -6838,7 +6827,7 @@ url="smbpasswd.8.html">smbpasswd(8) has been used to add this machine into a Windows NT Domain. It expects the encrypted passwords - parameter to be set to true. In this + parameter to be set to yes. In this mode Samba will try to validate the username/password by passing it to a Windows NT Primary or Backup Domain Controller, in exactly the same way that a Windows NT Server would do. @@ -7257,22 +7246,6 @@ - - status (G) - This enables or disables logging of connections - to a status file that smbstatus(1) - can read. - - With this disabled smbstatus won't be able - to tell you what connections are active. You should never need to - change this parameter. - - Default: status = yes - - - - - strict allocate (S) This is a boolean that controls the handling of @@ -7357,10 +7330,10 @@ sync always (S) This is a boolean parameter that controls whether writes will always be written to stable storage before - the write call returns. If this is false then the server will be + the write call returns. If this is no then the server will be guided by the client's request in each write call (clients can set a bit indicating that a particular write should be synchronous). - If this is true then every write will be followed by a fsync() + If this is yes then every write will be followed by a fsync() call to ensure the data is written to disk. Note that the strict sync parameter must be set to yes in order for this parameter to have @@ -7532,7 +7505,7 @@ This boolean parameter controls whether Samba attempts to synchronize the UNIX password with the SMB password when the encrypted SMB password in the smbpasswd file is changed. - If this is set to true the program specified in the passwd + If this is set to yes the program specified in the passwd programparameter is called AS ROOT - to allow the new UNIX password to be set without access to the old UNIX password (as the SMB password change code has no @@ -7622,7 +7595,7 @@ This global parameter determines if the tdb internals of Samba can depend on mmap working correctly on the running system. Samba requires a coherent mmap/read-write system memory cache. Currently only HPUX does not have such a - coherent cache, and so this parameter is set to false by + coherent cache, and so this parameter is set to no by default on HPUX. On all other systems this parameter should be left alone. This parameter is provided to help the Samba developers track down problems with the tdb internal code. @@ -7637,7 +7610,7 @@ use rhosts (G) - If this global parameter is true, it specifies + If this global parameter is yes, it specifies that the UNIX user's .rhosts file in their home directory will be read to find the names of hosts and users who will be allowed access without specifying a password. @@ -7786,28 +7759,28 @@ If any line begins with a '#' or a ';' then it is ignored - If any line begins with an '!' then the processing - will stop after that line if a mapping was done by the line. - Otherwise mapping continues with every line being processed. - Using '!' is most useful when you have a wildcard mapping line + If any line begins with an '!' then the processing + will stop after that line if a mapping was done by the line. + Otherwise mapping continues with every line being processed. + Using '!' is most useful when you have a wildcard mapping line later in the file. - - For example to map from the name admin + + For example to map from the name admin or administrator to the UNIX name root you would use: root = admin administrator - Or to map anyone in the UNIX group system + Or to map anyone in the UNIX group system to the UNIX name sys you would use: sys = @system - You can have as many mappings as you like in a username + You can have as many mappings as you like in a username map file. - - - If your system supports the NIS NETGROUP option then + + + If your system supports the NIS NETGROUP option then the netgroup database is checked before the /etc/group database for matching groups. @@ -7816,12 +7789,12 @@ tridge = "Andrew Tridgell" - would map the windows username "Andrew Tridgell" to the + would map the windows username "Andrew Tridgell" to the unix username "tridge". - The following example would map mary and fred to the - unix user sys, and map the rest to guest. Note the use of the - '!' to tell Samba to stop processing if it gets a match on + The following example would map mary and fred to the + unix user sys, and map the rest to guest. Note the use of the + '!' to tell Samba to stop processing if it gets a match on that line. @@ -7829,20 +7802,20 @@ guest = * - Note that the remapping is applied to all occurrences + Note that the remapping is applied to all occurrences of usernames. Thus if you connect to \\server\fred and - fred is remapped to mary then you - will actually be connecting to \\server\mary and will need to - supply a password suitable for mary not - fred. The only exception to this is the + fred is remapped to mary then you + will actually be connecting to \\server\mary and will need to + supply a password suitable for mary not + fred. The only exception to this is the username passed to the - password server (if you have one). The password - server will receive whatever username the client supplies without + password server (if you have one). The password + server will receive whatever username the client supplies without modification. - Also note that no reverse mapping is done. The main effect - this has is with printing. Users who have been mapped may have - trouble deleting print jobs as PrintManager under WfWg will think + Also note that no reverse mapping is done. The main effect + this has is with printing. Users who have been mapped may have + trouble deleting print jobs as PrintManager under WfWg will think they don't own the print job. Default: no username map @@ -7851,13 +7824,29 @@ + + + use sendfile (S) + If this parameter is yes, and Samba + was built with the --with-sendfile-support option, and the underlying operating + system supports sendfile system call, then some SMB read calls (mainly ReadAndX + and ReadRaw) will use the more efficient sendfile system call for files that + are exclusively oplocked. This may make more efficient use of the system CPU's + and cause Samba to be faster. This is off by default as it's effects are unknown + as yet. + + + Default: use sendfile = no + + + utmp (G) - This boolean parameter is only available if + This boolean parameter is only available if Samba has been configured and compiled with the option - --with-utmp. If set to true then Samba will attempt + --with-utmp. If set to yes then Samba will attempt to add utmp or utmpx records (depending on the UNIX system) whenever a connection is made to a Samba server. Sites may use this to record the user connecting to a Samba share. @@ -8109,7 +8098,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ getpwent() and endpwent() group of system calls. If the winbind enum users parameter is - false, calls to the getpwent system call + no, calls to the getpwent system call will not return any data. Warning: Turning off user @@ -8131,7 +8120,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ getgrent() and endgrent() group of system calls. If the winbind enum groups parameter is - false, calls to the getgrent() system + no, calls to the getgrent() system call will not return any data. Warning: Turning off group @@ -8199,7 +8188,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ winbind use default domain - winbind use default domain + winbind use default domain (G) This parameter specifies whether the winbindd(8) daemon should operate on users without domain component in their username. @@ -8207,9 +8196,9 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ own domain. While this does not benifit Windows users, it makes SSH, FTP and e-mail function in a way much closer to the way they would in a native unix system. - Default: winbind use default domain = <falseg> + Default: winbind use default domain = <no> - Example: winbind use default domain = true + Example: winbind use default domain = yes @@ -8304,9 +8293,9 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ wins support (G) This boolean controls if the nmbd(8) process in Samba will act as a WINS server. You should - not set this to true unless you have a multi-subnetted network and + not set this to yes unless you have a multi-subnetted network and you wish a particular nmbd to be your WINS server. - Note that you should NEVER set this to true + Note that you should NEVER set this to yes on more than one machine in your network. Default: wins support = no @@ -8377,7 +8366,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the writeable + linkend="READONLY">read only option is set to. The list can include group names using the @group syntax. @@ -8415,8 +8404,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ write ok (S) - Synonym for - writeable. + Inverted synonym for + read only. @@ -8436,18 +8425,8 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ writeable (S) - An inverted synonym is - read only. - - If this parameter is no, then users - of a service may not create or modify files in the service's - directory. - - Note that a printable service (printable = yes) - will ALWAYS allow writing to the directory - (user privileges permitting), but only via spooling operations. - - Default: writeable = no + Inverted synonym for + read only. @@ -8481,7 +8460,7 @@ veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ VERSION - This man page is correct for version 2.2 of + This man page is correct for version 3.0 of the Samba suite. diff --git a/docs/docbook/manpages/smbpasswd.5.sgml b/docs/docbook/manpages/smbpasswd.5.sgml index be75107819..5c80ac4c06 100644 --- a/docs/docbook/manpages/smbpasswd.5.sgml +++ b/docs/docbook/manpages/smbpasswd.5.sgml @@ -172,7 +172,7 @@ VERSION - This man page is correct for version 2.2 of + This man page is correct for version 3.0 of the Samba suite. diff --git a/docs/docbook/manpages/winbindd.8.sgml b/docs/docbook/manpages/winbindd.8.sgml index 32ea86b0d6..848f6ed3fa 100644 --- a/docs/docbook/manpages/winbindd.8.sgml +++ b/docs/docbook/manpages/winbindd.8.sgml @@ -17,8 +17,10 @@ winbindd -i + -B -d <debug level> -s <smb config file> + -n @@ -118,6 +120,33 @@ group: files winbind option is used by developers when interactive debugging of winbindd is required. + + + -n + Disable caching. This means winbindd will + always have to wait for a response from the domain controller + before it can respond to a client and this thus makes things + slower. The results will however be more accurate, since + results from the cache might not be up-to-date. This + might also temporarily hang winbindd if the DC doesn't respond. + + + + + -B + Dual daemon mode. This means winbindd will run + as 2 threads. The first will answer all requests from the cache, + thus making responses to clients faster. The other will + update the cache for the query that the first has just responded. + Advantage of this is that responses are accurate and fast. + + + + + -s|--conf=smb.conf + Specifies the location of the all-important + smb.conf file. + @@ -368,7 +397,7 @@ auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok VERSION - This man page is correct for version 2.2 of + This man page is correct for version 3.0 of the Samba suite. -- cgit