From 01f0236f58775e2bf60250caf2b9740bd9f988ea Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sun, 30 Mar 2003 11:22:22 +0000
Subject: - Regenerate docs - Document 'preload modules' (This used to be
 commit 57407401d0f261d4b8e42fdc64479afef10211c3)

---
 docs/htmldocs/passdb.html | 149 ++++++++++++++++++++++++++++++++--------------
 1 file changed, 104 insertions(+), 45 deletions(-)

(limited to 'docs/htmldocs/passdb.html')

diff --git a/docs/htmldocs/passdb.html b/docs/htmldocs/passdb.html
index 7a8fb7fdec..592e41e1b7 100644
--- a/docs/htmldocs/passdb.html
+++ b/docs/htmldocs/passdb.html
@@ -80,7 +80,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN227"
+NAME="AEN234"
 >3.1. Introduction</A
 ></H1
 ><P
@@ -121,7 +121,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN234"
+NAME="AEN241"
 >3.2. Important Notes About Security</A
 ></H1
 ><P
@@ -182,6 +182,10 @@ CLASS="EMPHASIS"
 >Other Microsoft operating systems which also exhibit 
 		this behavior includes</P
 ><P
+> These versions of MS Windows do not support full domain
+		security protocols, although they may log onto a domain environment.
+		Of these Only MS Windows XP Home does NOT support domain logons.</P
+><P
 ></P
 ><TABLE
 BORDER="0"
@@ -202,7 +206,43 @@ BORDER="0"
 ></TR
 ><TR
 ><TD
->Windows 2000</TD
+>Windows Me</TD
+></TR
+><TR
+><TD
+>Windows XP Home</TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+> The following versions of MS Windows fully support domain
+		security protocols.</P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>Windows NT 3.5x</TD
+></TR
+><TR
+><TD
+>Windows NT 4.0</TD
+></TR
+><TR
+><TD
+>Windows 2000 Professional</TD
+></TR
+><TR
+><TD
+>Windows 200x Server/Advanced Server</TD
+></TR
+><TR
+><TD
+>Windows XP Professional</TD
 ></TR
 ></TBODY
 ></TABLE
@@ -220,6 +260,21 @@ CLASS="EMPHASIS"
 		SMB Challenge/Response mechanism described here.  Enabling
 		clear text authentication does not disable the ability
 		of the client to participate in encrypted authentication.</P
+><P
+>MS Windows clients will cache the encrypted password alone.
+		Even when plain text passwords are re-enabled, through the appropriate
+		registry change, the plain text password is NEVER cached. This means that
+		in the event that a network connections should become disconnected (broken)
+		only the cached (encrypted) password will be sent to the resource server
+		to affect a auto-reconnect. If the resource server does not support encrypted
+		passwords the auto-reconnect will fail. <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>USE OF ENCRYPTED PASSWORDS
+		IS STRONGLY ADVISED.</I
+></SPAN
+></P
 ></TD
 ></TR
 ></TABLE
@@ -229,7 +284,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN249"
+NAME="AEN267"
 >3.2.1. Advantages of SMB Encryption</A
 ></H2
 ><P
@@ -239,20 +294,25 @@ BORDER="0"
 ><TBODY
 ><TR
 ><TD
->plain text passwords are not passed across 
+>Plain text passwords are not passed across 
 			the network. Someone using a network sniffer cannot just 
 			record passwords going to the SMB server.</TD
 ></TR
 ><TR
 ><TD
 >WinNT doesn't like talking to a server 
-			that isn't using SMB encrypted passwords. It will refuse 
+			that SM not support encrypted passwords. It will refuse 
 			to browse the server if the server is also in user level 
 			security mode. It will insist on prompting the user for the 
 			password on each connection, which is very annoying. The
 			only things you can do to stop this is to use SMB encryption.
 			</TD
 ></TR
+><TR
+><TD
+>Encrypted password support allows auto-matic share
+			(resource) reconnects.</TD
+></TR
 ></TBODY
 ></TABLE
 ><P
@@ -263,7 +323,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN254"
+NAME="AEN273"
 >3.2.2. Advantages of non-encrypted passwords</A
 ></H2
 ><P
@@ -273,20 +333,19 @@ BORDER="0"
 ><TBODY
 ><TR
 ><TD
->plain text passwords are not kept 
-			on disk. </TD
+>Plain text passwords are not kept 
+			on disk, and are NOT cached in memory. </TD
 ></TR
 ><TR
 ><TD
->uses same password file as other unix 
+>Uses same password file as other unix 
 			services such as login and ftp</TD
 ></TR
 ><TR
 ><TD
->you are probably already using other 
-			services (such as telnet and ftp) which send plain text 
-			passwords over the net, so sending them for SMB isn't 
-			such a big deal.</TD
+>Use of other services (such as telnet and ftp) which
+			send plain text passwords over the net, so sending them for SMB
+			isn't such a big deal.</TD
 ></TR
 ></TBODY
 ></TABLE
@@ -299,7 +358,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN260"
+NAME="AEN279"
 >3.3. The smbpasswd Command</A
 ></H1
 ><P
@@ -311,8 +370,7 @@ CLASS="COMMAND"
 CLASS="COMMAND"
 >yppasswd</B
 > programs.
-	It maintains the two 32 byte password fields 
-	in the passdb backend. </P
+	It maintains the two 32 byte password fields in the passdb backend. </P
 ><P
 ><B
 CLASS="COMMAND"
@@ -403,7 +461,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN291"
+NAME="AEN310"
 >3.4. Plain text</A
 ></H1
 ><P
@@ -423,7 +481,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN296"
+NAME="AEN315"
 >3.5. TDB</A
 ></H1
 ><P
@@ -436,7 +494,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN299"
+NAME="AEN318"
 >3.6. LDAP</A
 ></H1
 ><DIV
@@ -444,7 +502,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN301"
+NAME="AEN320"
 >3.6.1. Introduction</A
 ></H2
 ><P
@@ -512,7 +570,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN321"
+NAME="AEN340"
 >3.6.2. Introduction</A
 ></H2
 ><P
@@ -621,15 +679,16 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN350"
+NAME="AEN369"
 >3.6.3. Supported LDAP Servers</A
 ></H2
 ><P
->The LDAP samdb code in 2.2.3 has been developed and tested using the OpenLDAP
-2.0 server and client libraries.  The same code should be able to work with
-Netscape's Directory Server and client SDK. However, due to lack of testing
-so far, there are bound to be compile errors and bugs.  These should not be
-hard to fix. If you are so inclined, please be sure to forward all patches to
+>The LDAP samdb code in 2.2.3 (and later) has been developed and tested
+using the OpenLDAP 2.0 server and client libraries. 
+The same code should be able to work with Netscape's Directory Server
+and client SDK. However, due to lack of testing so far, there are bound
+to be compile errors and bugs.  These should not be hard to fix.
+If you are so inclined, please be sure to forward all patches to
 <A
 HREF="samba-patches@samba.org"
 TARGET="_top"
@@ -646,7 +705,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN355"
+NAME="AEN374"
 >3.6.4. Schema and Relationship to the RFC 2307 posixAccount</A
 ></H2
 ><P
@@ -703,7 +762,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN367"
+NAME="AEN386"
 >3.6.5. Configuring Samba with LDAP</A
 ></H2
 ><DIV
@@ -711,7 +770,7 @@ CLASS="SECT3"
 ><H3
 CLASS="SECT3"
 ><A
-NAME="AEN369"
+NAME="AEN388"
 >3.6.5.1. OpenLDAP configuration</A
 ></H3
 ><P
@@ -793,7 +852,7 @@ CLASS="SECT3"
 ><H3
 CLASS="SECT3"
 ><A
-NAME="AEN386"
+NAME="AEN405"
 >3.6.5.2. Configuring Samba</A
 ></H3
 ><P
@@ -909,7 +968,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN414"
+NAME="AEN433"
 >3.6.6. Accounts and Groups management</A
 ></H2
 ><P
@@ -934,7 +993,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN419"
+NAME="AEN438"
 >3.6.7. Security and sambaAccount</A
 ></H2
 ><P
@@ -1013,7 +1072,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN439"
+NAME="AEN458"
 >3.6.8. LDAP specials attributes for sambaAccounts</A
 ></H2
 ><P
@@ -1220,7 +1279,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN509"
+NAME="AEN528"
 >3.6.9. Example LDIF Entries for a sambaAccount</A
 ></H2
 ><P
@@ -1279,7 +1338,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN517"
+NAME="AEN536"
 >3.7. MySQL</A
 ></H1
 ><DIV
@@ -1287,7 +1346,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN519"
+NAME="AEN538"
 >3.7.1. Building</A
 ></H2
 ><P
@@ -1308,7 +1367,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN525"
+NAME="AEN544"
 >3.7.2. Creating the database</A
 ></H2
 ><P
@@ -1344,7 +1403,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN535"
+NAME="AEN554"
 >3.7.3. Configuring</A
 ></H2
 ><P
@@ -1455,7 +1514,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN552"
+NAME="AEN571"
 >3.7.4. Using plaintext passwords or encrypted password</A
 ></H2
 ><P
@@ -1470,7 +1529,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN557"
+NAME="AEN576"
 >3.7.5. Getting non-column data from the table</A
 ></H2
 ><P
@@ -1496,7 +1555,7 @@ CLASS="SECT1"
 ><H1
 CLASS="SECT1"
 ><A
-NAME="AEN565"
+NAME="AEN584"
 >3.8. Passdb XML plugin</A
 ></H1
 ><DIV
@@ -1504,7 +1563,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN567"
+NAME="AEN586"
 >3.8.1. Building</A
 ></H2
 ><P
@@ -1524,7 +1583,7 @@ CLASS="SECT2"
 ><H2
 CLASS="SECT2"
 ><A
-NAME="AEN573"
+NAME="AEN592"
 >3.8.2. Usage</A
 ></H2
 ><P
-- 
cgit