From 992f1e6b8f86b346fddd266b04d29cde69585633 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 7 Apr 2004 10:15:11 +0000 Subject: Add all the source files from the old CVS tree, add the 5 missing chapters from the HOWTO and add jht's Samba by Example book. (This used to be commit 9fb5bcb93e57c5162b3ee6f9c7d777dc0269d100) --- docs/smbdotconf/security/updateencrypted.xml | 34 ++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 docs/smbdotconf/security/updateencrypted.xml (limited to 'docs/smbdotconf/security/updateencrypted.xml') diff --git a/docs/smbdotconf/security/updateencrypted.xml b/docs/smbdotconf/security/updateencrypted.xml new file mode 100644 index 0000000000..551f4338f6 --- /dev/null +++ b/docs/smbdotconf/security/updateencrypted.xml @@ -0,0 +1,34 @@ + + + + This boolean parameter allows a user logging on with + a plaintext password to have their encrypted (hashed) password in + the smbpasswd file to be updated automatically as they log + on. This option allows a site to migrate from plaintext + password authentication (users authenticate with plaintext + password over the wire, and are checked against a UNIX account + database) to encrypted password authentication (the SMB + challenge/response authentication mechanism) without forcing all + users to re-enter their passwords via smbpasswd at the time the + change is made. This is a convenience option to allow the change + over to encrypted passwords to be made over a longer period. + Once all users have encrypted representations of their passwords + in the smbpasswd file this parameter should be set to + no. + + In order for this parameter to work correctly the + encrypt passwords parameter must + be set to no when this parameter is set to yes. + + Note that even when this parameter is set a user + authenticating to smbd must still enter a valid + password in order to connect correctly, and to update their hashed + (smbpasswd) passwords. + + +no + -- cgit