From 6c2e58987bcb3b5fe527f7f6743c549ed6c0c877 Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Thu, 25 Aug 2005 16:49:40 +0000 Subject: Formatting and other fixes to man pages. (This used to be commit 411025ed0d6ba37ff00f4afc8ccdc9dae94b62e0) --- docs/Samba3-ByExample/SBE-SecureOfficeServer.xml | 2 +- docs/manpages-3/editreg.1.xml | 84 ----------------------- docs/manpages-3/findsmb.1.xml | 4 +- docs/manpages-3/lmhosts.5.xml | 8 +-- docs/manpages-3/log2pcap.1.xml | 8 +-- docs/manpages-3/net.8.xml | 8 +-- docs/manpages-3/pdbedit.8.xml | 12 ++-- docs/manpages-3/smb.conf.5.xml | 14 ++-- docs/smbdotconf/domain/machinepasswordtimeout.xml | 24 ++++--- docs/smbdotconf/filename/deletevetofiles.xml | 2 +- docs/smbdotconf/filename/hidefiles.xml | 4 +- docs/smbdotconf/filename/hidespecialfiles.xml | 10 +-- docs/smbdotconf/filename/hideunwriteablefiles.xml | 8 +-- docs/smbdotconf/filename/mangledmap.xml | 27 +++++--- docs/smbdotconf/filename/manglednames.xml | 2 +- docs/smbdotconf/filename/maparchive.xml | 14 ++-- docs/smbdotconf/filename/maphidden.xml | 13 ++-- docs/smbdotconf/filename/mapsystem.xml | 18 ++--- docs/smbdotconf/filename/preservecase.xml | 12 ++-- docs/smbdotconf/filename/storedosattributes.xml | 20 +++--- docs/smbdotconf/filename/vetofiles.xml | 46 +++++++------ docs/smbdotconf/filename/vetooplockfiles.xml | 27 ++++---- docs/smbdotconf/ldap/ldapdeletedn.xml | 2 +- docs/smbdotconf/ldap/ldapidmapsuffix.xml | 10 +-- docs/smbdotconf/ldap/ldapport.xml | 14 ++-- docs/smbdotconf/ldap/ldapreplicationsleep.xml | 30 ++++---- docs/smbdotconf/ldap/ldaptimeout.xml | 11 ++- docs/smbdotconf/ldap/ldapusersuffix.xml | 9 +-- docs/smbdotconf/locking/cscpolicy.xml | 18 +++-- docs/smbdotconf/locking/lockspincount.xml | 2 +- docs/smbdotconf/locking/oplockbreakwaittime.xml | 22 +++--- docs/smbdotconf/locking/oplockcontentionlimit.xml | 25 ++++--- docs/smbdotconf/locking/oplocks.xml | 16 +++-- docs/smbdotconf/locking/posixlocking.xml | 15 ++-- docs/smbdotconf/locking/strictlocking.xml | 25 ++++--- docs/smbdotconf/logging/debughirestimestamp.xml | 12 ++-- docs/smbdotconf/logging/debugpid.xml | 17 ++--- docs/smbdotconf/logging/debugtimestamp.xml | 11 +-- docs/smbdotconf/logging/debuguid.xml | 13 ++-- docs/smbdotconf/logging/logfile.xml | 10 +-- docs/smbdotconf/logging/loglevel.xml | 17 ++--- docs/smbdotconf/logging/maxlogsize.xml | 12 ++-- docs/smbdotconf/logging/syslog.xml | 20 +++--- docs/smbdotconf/logging/syslogonly.xml | 7 +- docs/smbdotconf/logon/adduserscript.xml | 64 +++++++++-------- docs/smbdotconf/logon/addusertogroupscript.xml | 15 ++-- docs/smbdotconf/logon/logonpath.xml | 26 ++++--- docs/smbdotconf/logon/logonscript.xml | 11 +-- docs/smbdotconf/logon/shutdownscript.xml | 5 +- docs/smbdotconf/misc/afsshare.xml | 2 +- docs/smbdotconf/misc/dfreecommand.xml | 20 +++--- docs/smbdotconf/misc/followsymlinks.xml | 23 +++---- docs/smbdotconf/misc/fstype.xml | 15 ++-- docs/smbdotconf/misc/homedirmap.xml | 30 ++++---- docs/smbdotconf/misc/include.xml | 14 ++-- docs/smbdotconf/misc/magicoutput.xml | 9 ++- docs/smbdotconf/misc/messagecommand.xml | 27 +++++--- docs/smbdotconf/misc/panicaction.xml | 3 +- docs/smbdotconf/misc/piddirectory.xml | 5 +- docs/smbdotconf/misc/preexecclose.xml | 6 +- docs/smbdotconf/misc/remoteannounce.xml | 42 +++++++----- docs/smbdotconf/misc/remotebrowsesync.xml | 32 +++++---- docs/smbdotconf/misc/rootpostexec.xml | 9 +-- docs/smbdotconf/misc/rootpreexec.xml | 9 +-- docs/smbdotconf/misc/setdirectory.xml | 13 ++-- docs/smbdotconf/misc/utmp.xml | 25 +++---- docs/smbdotconf/misc/wtmpdirectory.xml | 22 +++--- docs/smbdotconf/printing/cupsoptions.xml | 11 +-- docs/smbdotconf/printing/cupsserver.xml | 10 +-- docs/smbdotconf/printing/deleteprintercommand.xml | 2 +- docs/smbdotconf/printing/enumportscommand.xml | 2 +- docs/smbdotconf/printing/loadprinters.xml | 2 +- docs/smbdotconf/printing/lppausecommand.xml | 8 ++- docs/smbdotconf/printing/lpresumecommand.xml | 2 +- docs/smbdotconf/printing/lprmcommand.xml | 4 +- docs/smbdotconf/printing/maxreportedprintjobs.xml | 11 +-- docs/smbdotconf/printing/os2drivermap.xml | 8 +-- docs/smbdotconf/protocol/profileacls.xml | 13 ++-- docs/smbdotconf/security/allowtrusteddomains.xml | 2 +- docs/smbdotconf/security/authmethods.xml | 21 +++--- docs/smbdotconf/security/clientschannel.xml | 15 ++-- docs/smbdotconf/security/forceunknownacluser.xml | 30 ++++---- docs/smbdotconf/security/passdbbackend.xml | 4 +- docs/smbdotconf/security/restrictanonymous.xml | 4 +- docs/smbdotconf/security/smbpasswdfile.xml | 10 +-- docs/smbdotconf/security/usernamemap.xml | 20 +++--- docs/smbdotconf/security/validusers.xml | 23 ++++--- docs/smbdotconf/security/writelist.xml | 23 ++++--- docs/smbdotconf/tuning/usesendfile.xml | 5 +- 89 files changed, 689 insertions(+), 653 deletions(-) delete mode 100644 docs/manpages-3/editreg.1.xml (limited to 'docs') diff --git a/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml b/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml index 8f8a73dcae..2f14775d7d 100644 --- a/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml +++ b/docs/Samba3-ByExample/SBE-SecureOfficeServer.xml @@ -1788,7 +1788,7 @@ hosts: wins The next step is to make certain that Samba is running using ps ax | grep mbd. The nmbd daemon will provide the WINS name resolution service when the - &smmb.conf; file [global] parameter Yes has been specified. Having validated that Samba is operational, excute the following: diff --git a/docs/manpages-3/editreg.1.xml b/docs/manpages-3/editreg.1.xml deleted file mode 100644 index 2b08555a4f..0000000000 --- a/docs/manpages-3/editreg.1.xml +++ /dev/null @@ -1,84 +0,0 @@ - - - - - - editreg - 1 - - - - - editreg - A utility for printing and editing NT4 registry files - - - - - - editreg - -v - -c file - file - - - - - DESCRIPTION - - This tool is part of the samba - 7 suite. - - editreg is a utility that - can visualize windows registry files (currently only NT4) and apply - so-called commandfiles to them. - - - - - - OPTIONS - - - - registry_file - Registry file to view or edit. - - - - - -v,--verbose - Increases verbosity of messages. - - - - - -c commandfile - Read commands to execute on registry_file from commandfile. Currently not yet supported! - - - - &stdarg.help; - - - - - - VERSION - - This man page is correct for version 3.0 of the Samba - suite. - - - - AUTHOR - - The original Samba software and related utilities - were created by Andrew Tridgell. Samba is now developed - by the Samba Team as an Open Source project similar - to the way the Linux kernel is developed. - - The editreg man page was written by Jelmer Vernooij. - - - diff --git a/docs/manpages-3/findsmb.1.xml b/docs/manpages-3/findsmb.1.xml index ac8c8c010f..0fb4c51dee 100644 --- a/docs/manpages-3/findsmb.1.xml +++ b/docs/manpages-3/findsmb.1.xml @@ -94,7 +94,7 @@ without -r option set would yield output similar to the following - + IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION --------------------------------------------------------------------- 192.168.35.10 MINESET-TEST1 [DMVENGR] @@ -107,7 +107,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION 192.168.35.88 SCNT2 +[MVENGR] [Windows NT 4.0] [NT LAN Manager 4.0] 192.168.35.93 FROGSTAR-PC [MVENGR] [Windows 5.0] [Windows 2000 LAN Manager] 192.168.35.97 HERBNT1 *[HERB-NT] [Windows NT 4.0] [NT LAN Manager 4.0] - + diff --git a/docs/manpages-3/lmhosts.5.xml b/docs/manpages-3/lmhosts.5.xml index f797569102..e736a1035a 100644 --- a/docs/manpages-3/lmhosts.5.xml +++ b/docs/manpages-3/lmhosts.5.xml @@ -53,16 +53,16 @@ - An example follows: - - + An example follows: + # # Sample Samba lmhosts file. # 192.9.200.1 TESTPC 192.9.200.20 NTSERVER#20 192.9.200.21 SAMBASERVER - + + Contains three IP to NetBIOS name mappings. The first and third will be returned for any queries for the names "TESTPC" diff --git a/docs/manpages-3/log2pcap.1.xml b/docs/manpages-3/log2pcap.1.xml index 16155c4312..895c7be624 100644 --- a/docs/manpages-3/log2pcap.1.xml +++ b/docs/manpages-3/log2pcap.1.xml @@ -86,15 +86,15 @@ Extract all network traffic from all samba log files: - + $ log2pcap < /var/log/* > trace.pcap - + Convert to pcap using text2pcap: - + $ log2pcap -h samba.log | text2pcap -T 139,139 - trace.pcap - + diff --git a/docs/manpages-3/net.8.xml b/docs/manpages-3/net.8.xml index bcd6eb2ecc..234ca1d5c5 100644 --- a/docs/manpages-3/net.8.xml +++ b/docs/manpages-3/net.8.xml @@ -620,10 +620,10 @@ Parameters take the for "parameter=value". Common options include: Add a new group mapping entry: - + net groupmap add {rid=int|sid=string} unixgroup=string \ [type={domain|local}] [ntgroup=string] [comment=string] - + @@ -643,10 +643,10 @@ net groupmap add {rid=int|sid=string} unixgroup=string \ Update en existing group entry - + net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \ [comment=string] [type={domain|local}] - + diff --git a/docs/manpages-3/pdbedit.8.xml b/docs/manpages-3/pdbedit.8.xml index bb88fa891c..e26bf2777d 100644 --- a/docs/manpages-3/pdbedit.8.xml +++ b/docs/manpages-3/pdbedit.8.xml @@ -70,10 +70,10 @@ This option prints a list of user/uid pairs separated by the ':' character. Example: pdbedit -L - + sorce:500:Simo Sorce samba:45:Test User - + @@ -86,7 +86,7 @@ samba:45:Test User out the account fields in a descriptive format. Example: pdbedit -L -v - + --------------- username: sorce user ID/Group: 500/500 @@ -105,7 +105,7 @@ Home Directory: \\BERSERKER\samba HomeDir Drive: Logon Script: Profile Path: \\BERSERKER\profile - + @@ -121,14 +121,14 @@ Profile Path: \\BERSERKER\profile 5 for details) Example: pdbedit -L -w - + sorce:500:508818B733CE64BEAAD3B435B51404EE: D2A2418EFC466A8A0F6B1DBB5C3DB80C: [UX ]:LCT-00000000: samba:45:0F2B255F7B67A7A9AAD3B435B51404EE: BC281CE3F53B6A5146629CD4751D3490: [UX ]:LCT-3BFA1E8D: - + diff --git a/docs/manpages-3/smb.conf.5.xml b/docs/manpages-3/smb.conf.5.xml index f67c1f2c09..bf8e5c7e18 100644 --- a/docs/manpages-3/smb.conf.5.xml +++ b/docs/manpages-3/smb.conf.5.xml @@ -30,9 +30,9 @@ The file consists of sections and parameters. A section begins with the name of the section in square brackets and continues until the next section begins. Sections contain parameters of the form: - + name = value - + @@ -179,9 +179,9 @@ If you decide to use a path = line in your [homes] section, it may be useful to use the %S macro. For example: - + path = /data/pchome/%S - + is useful if you have different home directories for your PCs than for UNIX access. @@ -273,10 +273,10 @@ All aliases given for a printer in the printcap file are legitimate printer names as far as the server is concerned. If your printing subsystem doesn't work like that, you will have to set up a pseudo-printcap. This is a file consisting of one or more lines like this: - + alias|alias|alias|alias... - - + + Each alias should be an acceptable printer name for your printing subsystem. In the [global] section, diff --git a/docs/smbdotconf/domain/machinepasswordtimeout.xml b/docs/smbdotconf/domain/machinepasswordtimeout.xml index 790eaf97b9..a8e312ba36 100644 --- a/docs/smbdotconf/domain/machinepasswordtimeout.xml +++ b/docs/smbdotconf/domain/machinepasswordtimeout.xml @@ -3,18 +3,20 @@ type="integer" advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - - If a Samba server is a member of a Windows - NT Domain (see the domain - parameter) then periodically a running smbd - process will try and change the MACHINE ACCOUNT - PASSWORD stored in the TDB called private/secrets.tdb - . This parameter specifies how often this password - will be changed, in seconds. The default is one week (expressed in - seconds), the same as a Windows NT Domain member server. + - See also smbpasswd - 8, and the domain parameter. + + If a Samba server is a member of a Windows NT Domain (see the domain parameter) then periodically a running smbd process will try and change + the MACHINE ACCOUNT PASSWORD stored in the TDB called private/secrets.tdb + . This parameter specifies how often this password will be changed, in seconds. The default is one + week (expressed in seconds), the same as a Windows NT Domain member server. + + + + See also smbpasswd 8, + and the domain parameter. + 604800 diff --git a/docs/smbdotconf/filename/deletevetofiles.xml b/docs/smbdotconf/filename/deletevetofiles.xml index b8809bacd7..31138aa8e2 100644 --- a/docs/smbdotconf/filename/deletevetofiles.xml +++ b/docs/smbdotconf/filename/deletevetofiles.xml @@ -17,7 +17,7 @@ directories you might normally veto DOS/Windows users from seeing (e.g. .AppleDouble) -Setting yes allows these + Setting yes allows these directories to be transparently deleted when the parent directory is deleted (so long as the user has permissions to do so). diff --git a/docs/smbdotconf/filename/hidefiles.xml b/docs/smbdotconf/filename/hidefiles.xml index 1d83860fca..0b475053ee 100644 --- a/docs/smbdotconf/filename/hidefiles.xml +++ b/docs/smbdotconf/filename/hidefiles.xml @@ -31,9 +31,9 @@ An example of us of this parameter is: - + hide files = /.*/DesktopFolderDB/TrashFor%m/resource.frk/ - + diff --git a/docs/smbdotconf/filename/hidespecialfiles.xml b/docs/smbdotconf/filename/hidespecialfiles.xml index 4714131c06..ea2b68a66c 100644 --- a/docs/smbdotconf/filename/hidespecialfiles.xml +++ b/docs/smbdotconf/filename/hidespecialfiles.xml @@ -3,10 +3,12 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter prevents clients from seeing - special files such as sockets, devices and fifo's in directory - listings. - + + + This parameter prevents clients from seeing special files such as sockets, devices and + fifo's in directory listings. + + no diff --git a/docs/smbdotconf/filename/hideunwriteablefiles.xml b/docs/smbdotconf/filename/hideunwriteablefiles.xml index e450cf05b5..831e8c69c9 100644 --- a/docs/smbdotconf/filename/hideunwriteablefiles.xml +++ b/docs/smbdotconf/filename/hideunwriteablefiles.xml @@ -3,10 +3,10 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter prevents clients from seeing - the existance of files that cannot be written to. Defaults to off. - Note that unwriteable directories are shown as usual. - + + This parameter prevents clients from seeing the existance of files that cannot be written to. + Defaults to off. Note that unwriteable directories are shown as usual. + no diff --git a/docs/smbdotconf/filename/mangledmap.xml b/docs/smbdotconf/filename/mangledmap.xml index cbcec9b1df..b4be3a80d2 100644 --- a/docs/smbdotconf/filename/mangledmap.xml +++ b/docs/smbdotconf/filename/mangledmap.xml @@ -3,22 +3,29 @@ context="S" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is for those who want to directly map UNIX - file names which cannot be represented on Windows/DOS. The mangling - of names is not always what is needed. In particular you may have + + This is for those who want to directly map UNIX file names which cannot be represented on + Windows/DOS. The mangling of names is not always what is needed. In particular you may have documents with file extensions that differ between DOS and UNIX. For example, under UNIX it is common to use .html for HTML files, whereas under Windows/DOS .htm - is more commonly used. + is more commonly used. + - So to map html to htm - you would use: + + So to map html to htm + you would use: + -(*.html *.htm). + + (*.html *.htm). + - One very useful case is to remove the annoying ;1 - off the ends of filenames on some CDROMs (only visible - under some UNIXes). To do this use a map of (*;1 *;). + + One very useful case is to remove the annoying ;1 off + the ends of filenames on some CDROMs (only visible under some UNIXes). To do this use a map of + (*;1 *;). + no mangled map diff --git a/docs/smbdotconf/filename/manglednames.xml b/docs/smbdotconf/filename/manglednames.xml index 64bc4a9412..90bbc58667 100644 --- a/docs/smbdotconf/filename/manglednames.xml +++ b/docs/smbdotconf/filename/manglednames.xml @@ -7,7 +7,7 @@ should be mapped to DOS-compatible names ("mangled") and made visible, or whether non-DOS names should simply be ignored. -See the section on for + See the section on for details on how to control the mangling process. If mangling is used then the mangling algorithm is as follows: diff --git a/docs/smbdotconf/filename/maparchive.xml b/docs/smbdotconf/filename/maparchive.xml index 1110ec943b..35169f97f3 100644 --- a/docs/smbdotconf/filename/maparchive.xml +++ b/docs/smbdotconf/filename/maparchive.xml @@ -3,16 +3,20 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This controls whether the DOS archive attribute + + This controls whether the DOS archive attribute should be mapped to the UNIX owner execute bit. The DOS archive bit is set when a file has been modified since its last backup. One motivation for this option it to keep Samba/your PC from making any file it touches from becoming executable under UNIX. This can - be quite annoying for shared source code, documents, etc... + be quite annoying for shared source code, documents, etc... + -Note that this requires the - parameter to be set such that owner execute bit is not masked out - (i.e. it must include 100). See the parameter for details. + + Note that this requires the parameter to be set such that owner + execute bit is not masked out (i.e. it must include 100). See the parameter + for details. + yes diff --git a/docs/smbdotconf/filename/maphidden.xml b/docs/smbdotconf/filename/maphidden.xml index da40f7ff3e..841c6876e6 100644 --- a/docs/smbdotconf/filename/maphidden.xml +++ b/docs/smbdotconf/filename/maphidden.xml @@ -3,12 +3,15 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This controls whether DOS style hidden files - should be mapped to the UNIX world execute bit. + + This controls whether DOS style hidden files should be mapped to the UNIX world execute bit. + -Note that this requires the - to be set such that the world execute bit is not masked out (i.e. - it must include 001). See the parameter for details. + + Note that this requires the to be set such that the world execute + bit is not masked out (i.e. it must include 001). See the parameter + for details. + no diff --git a/docs/smbdotconf/filename/mapsystem.xml b/docs/smbdotconf/filename/mapsystem.xml index 35b7dc7cfe..021602d578 100644 --- a/docs/smbdotconf/filename/mapsystem.xml +++ b/docs/smbdotconf/filename/mapsystem.xml @@ -3,13 +3,15 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This controls whether DOS style system files - should be mapped to the UNIX group execute bit. + + This controls whether DOS style system files should be mapped to the UNIX group execute bit. + -Note that this requires the - to be set such that the group execute bit is not masked out (i.e. - it must include 010). See the parameter - for details. - - no + + Note that this requires the to be set such that the group + execute bit is not masked out (i.e. it must include 010). See the parameter + for details. + + +no diff --git a/docs/smbdotconf/filename/preservecase.xml b/docs/smbdotconf/filename/preservecase.xml index e84cb56461..875900d4c2 100644 --- a/docs/smbdotconf/filename/preservecase.xml +++ b/docs/smbdotconf/filename/preservecase.xml @@ -3,10 +3,14 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This controls if new filenames are created - with the case that the client passes, or if they are forced to - be the . - See the section on NAME MANGLING for a fuller discussion. + + This controls if new filenames are created with the case that the client passes, or if + they are forced to be the . + + + + See the section on NAME MANGLING for a fuller discussion. + yes diff --git a/docs/smbdotconf/filename/storedosattributes.xml b/docs/smbdotconf/filename/storedosattributes.xml index bedf185c2f..e6075c4ccf 100644 --- a/docs/smbdotconf/filename/storedosattributes.xml +++ b/docs/smbdotconf/filename/storedosattributes.xml @@ -3,16 +3,16 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - If this parameter is set Samba no longer attempts to - map DOS attributes like SYSTEM, HIDDEN, ARCHIVE or READ-ONLY - to UNIX permission bits (such as the . Instead, DOS attributes will be stored onto an extended - attribute in the UNIX filesystem, associated with the file or directory. - For this to operate correctly, the parameters , , must be set to off. - This parameter writes the DOS attributes as a string into the - extended attribute named "user.DOSATTRIB". This extended attribute - is explicitly hidden from smbd clients requesting an EA list. - On Linux the filesystem must have been mounted with the mount - option user_xattr in order for extended attributes to work, also + + If this parameter is set Samba no longer attempts to map DOS attributes like SYSTEM, HIDDEN, + ARCHIVE or READ-ONLY to UNIX permission bits (such as the . + Instead, DOS attributes will be stored onto an extended attribute in the UNIX filesystem, + associated with the file or directory. For this to operate correctly, the parameters + , , + must be set to off. This parameter writes the DOS + attributes as a string into the extended attribute named "user.DOSATTRIB". This extended attribute + is explicitly hidden from smbd clients requesting an EA list.i On Linux the filesystem must have + been mounted with the mount option user_xattr in order for extended attributes to work, also extended attributes must be compiled into the Linux kernel. diff --git a/docs/smbdotconf/filename/vetofiles.xml b/docs/smbdotconf/filename/vetofiles.xml index 637e82449f..48e0c40fff 100644 --- a/docs/smbdotconf/filename/vetofiles.xml +++ b/docs/smbdotconf/filename/vetofiles.xml @@ -3,34 +3,36 @@ type="string" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is a list of files and directories that - are neither visible nor accessible. Each entry in the list must - be separated by a '/', which allows spaces to be included - in the entry. '*' and '?' can be used to specify multiple files - or directories as in DOS wildcards. + + This is a list of files and directories that are neither visible nor accessible. Each entry in + the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?' + can be used to specify multiple files or directories as in DOS wildcards. + - Each entry must be a unix path, not a DOS path and - must not include the unix directory - separator '/'. + + Each entry must be a unix path, not a DOS path and must not include the + unix directory separator '/'. + -Note that the option - is applicable in vetoing files. + + Note that the option is applicable in vetoing files. + - One feature of the veto files parameter that it - is important to be aware of is Samba's behaviour when - trying to delete a directory. If a directory that is - to be deleted contains nothing but veto files this - deletion will fail unless you also set - the parameter to - yes. + + One feature of the veto files parameter that it is important to be aware of is Samba's behaviour when + trying to delete a directory. If a directory that is to be deleted contains nothing but veto files this + deletion will fail unless you also set the + parameter to yes. + - Setting this parameter will affect the performance - of Samba, as it will be forced to check all files and directories - for a match as they are scanned. + + Setting this parameter will affect the performance of Samba, as it will be forced to check all files + and directories for a match as they are scanned. + Examples of use include: - + ; Veto any files containing the word Security, ; any ending in .tmp, and any directory containing the ; word root. @@ -39,7 +41,7 @@ veto files = /*Security*/*.tmp/*root*/ ; Veto the Apple specific files that a NetAtalk server ; creates. veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/ - + diff --git a/docs/smbdotconf/filename/vetooplockfiles.xml b/docs/smbdotconf/filename/vetooplockfiles.xml index b5ef0df5a6..b99ab00385 100644 --- a/docs/smbdotconf/filename/vetooplockfiles.xml +++ b/docs/smbdotconf/filename/vetooplockfiles.xml @@ -3,28 +3,29 @@ type="string" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter is only valid when the - + + This parameter is only valid when the parameter is turned on for a share. It allows the Samba administrator to selectively turn off the granting of oplocks on selected files that match a wildcarded list, similar to the wildcarded list used in the - - parameter. + parameter. + - You might want to do this on files that you know will - be heavily contended for by clients. A good example of this - is in the NetBench SMB benchmark program, which causes heavy - client contention for files ending in .SEM. - To cause Samba not to grant oplocks on these files you would use - the line (either in the [global] section or in the section for - the particular NetBench share : + + You might want to do this on files that you know will be heavily contended + for by clients. A good example of this is in the NetBench SMB benchmark + program, which causes heavy client contention for files ending in + .SEM. To cause Samba not to grant + oplocks on these files you would use the line (either in the [global] + section or in the section for the particular NetBench share. + An example of use is: - + veto oplock files = /.*SEM/ - + No files are vetoed for oplock grants diff --git a/docs/smbdotconf/ldap/ldapdeletedn.xml b/docs/smbdotconf/ldap/ldapdeletedn.xml index 46f199cb52..48f5c9b65a 100644 --- a/docs/smbdotconf/ldap/ldapdeletedn.xml +++ b/docs/smbdotconf/ldap/ldapdeletedn.xml @@ -7,7 +7,7 @@ This parameter specifies whether a delete operation in the ldapsam deletes the complete entry or only the attributes specific to Samba. - + no diff --git a/docs/smbdotconf/ldap/ldapidmapsuffix.xml b/docs/smbdotconf/ldap/ldapidmapsuffix.xml index f3bbc10ade..e397138741 100644 --- a/docs/smbdotconf/ldap/ldapidmapsuffix.xml +++ b/docs/smbdotconf/ldap/ldapidmapsuffix.xml @@ -4,11 +4,11 @@ type="string" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameters specifies the suffix that is - used when storing idmap mappings. If this parameter - is unset, the value of - will be used instead. The suffix string is pre-pended to the - string so use a partial DN. + + This parameters specifies the suffix that is used when storing idmap mappings. If this parameter + is unset, the value of will be used instead. The suffix + string is pre-pended to the string so use a partial DN. + ou=Idmap diff --git a/docs/smbdotconf/ldap/ldapport.xml b/docs/smbdotconf/ldap/ldapport.xml index 8895c15c7f..ad77b78857 100644 --- a/docs/smbdotconf/ldap/ldapport.xml +++ b/docs/smbdotconf/ldap/ldapport.xml @@ -3,13 +3,15 @@ context="G" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter is only available if Samba has been - configure to include the --with-ldapsam option - at compile time. + + This parameter is only available if Samba has been configure to include the + --with-ldapsam option at compile time. + - This option is used to control the tcp port number used to contact - the . - The default is to use the stand LDAPS port 636. + + This option is used to control the tcp port number used to contact the + . The default is to use the stand LDAPS port 636. + ldap ssl 636if ldap ssl = on diff --git a/docs/smbdotconf/ldap/ldapreplicationsleep.xml b/docs/smbdotconf/ldap/ldapreplicationsleep.xml index b1a24d2af8..4710e2b3b3 100644 --- a/docs/smbdotconf/ldap/ldapreplicationsleep.xml +++ b/docs/smbdotconf/ldap/ldapreplicationsleep.xml @@ -4,20 +4,22 @@ type="integer" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - When Samba is asked to write to a read-only LDAP -replica, we are redirected to talk to the read-write master server. -This server then replicates our changes back to the 'local' server, -however the replication might take some seconds, especially over slow -links. Certain client activities, particularly domain joins, can become -confused by the 'success' that does not immediately change the LDAP -back-end's data. - This option simply causes Samba to wait a short time, to -allow the LDAP server to catch up. If you have a particularly -high-latency network, you may wish to time the LDAP replication with a -network sniffer, and increase this value accordingly. Be aware that no -checking is performed that the data has actually replicated. - The value is specified in milliseconds, the maximum -value is 5000 (5 seconds). + + When Samba is asked to write to a read-only LDAP replica, we are redirected to talk to the read-write master server. + This server then replicates our changes back to the 'local' server, however the replication might take some seconds, + especially over slow links. Certain client activities, particularly domain joins, can become confused by the 'success' + that does not immediately change the LDAP back-end's data. + + + + This option simply causes Samba to wait a short time, to allow the LDAP server to catch up. If you have a particularly + high-latency network, you may wish to time the LDAP replication with a network sniffer, and increase this value accordingly. + Be aware that no checking is performed that the data has actually replicated. + + + + The value is specified in milliseconds, the maximum value is 5000 (5 seconds). + 1000 diff --git a/docs/smbdotconf/ldap/ldaptimeout.xml b/docs/smbdotconf/ldap/ldaptimeout.xml index 73ec5f7212..cd88494903 100644 --- a/docs/smbdotconf/ldap/ldaptimeout.xml +++ b/docs/smbdotconf/ldap/ldaptimeout.xml @@ -4,12 +4,11 @@ type="integer" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - When Samba connects to an ldap server that server -may be down or unreachable. To prevent Samba from hanging whilst -waiting for the connection this parameter specifies in seconds how -long Samba should wait before failing the connect. The default is -to only wait fifteen seconds for the ldap server to respond to the -connect request. + + When Samba connects to an ldap server that servermay be down or unreachable. To prevent Samba from hanging whilst + waiting for the connection this parameter specifies in seconds how long Samba should wait before failing the + connect. The default is to only wait fifteen seconds for the ldap server to respond to the connect request. + 15 diff --git a/docs/smbdotconf/ldap/ldapusersuffix.xml b/docs/smbdotconf/ldap/ldapusersuffix.xml index b97cd07094..6b4eec378d 100644 --- a/docs/smbdotconf/ldap/ldapusersuffix.xml +++ b/docs/smbdotconf/ldap/ldapusersuffix.xml @@ -4,10 +4,11 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter specifies where users are added to the tree. - If this parameter is unset, the value of will be used instead. The suffix string is pre-pended to the - string so use a partial DN. + + This parameter specifies where users are added to the tree. If this parameter is unset, + the value of will be used instead. The suffix + string is pre-pended to the string so use a partial DN. + diff --git a/docs/smbdotconf/locking/cscpolicy.xml b/docs/smbdotconf/locking/cscpolicy.xml index 5dd76569fa..6131e1269f 100644 --- a/docs/smbdotconf/locking/cscpolicy.xml +++ b/docs/smbdotconf/locking/cscpolicy.xml @@ -3,15 +3,19 @@ type="enum" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This stands for client-side caching - policy, and specifies how clients capable of offline - caching will cache the files in the share. The valid values - are: manual, documents, programs, disable. + + This stands for client-side caching policy, and specifies how clients capable of offline + caching will cache the files in the share. The valid values are: manual, documents, programs, disable. + - These values correspond to those used on Windows servers. + + These values correspond to those used on Windows servers. + - For example, shares containing roaming profiles can have - offline caching disabled using disable. + + For example, shares containing roaming profiles can have offline caching disabled using + disable. + manual programs diff --git a/docs/smbdotconf/locking/lockspincount.xml b/docs/smbdotconf/locking/lockspincount.xml index e7fb75a75f..92fee8806e 100644 --- a/docs/smbdotconf/locking/lockspincount.xml +++ b/docs/smbdotconf/locking/lockspincount.xml @@ -11,7 +11,7 @@ in case the lock could later be acquired. This behavior is used to support PC database formats such as MS Access and FoxPro. - + 3 diff --git a/docs/smbdotconf/locking/oplockbreakwaittime.xml b/docs/smbdotconf/locking/oplockbreakwaittime.xml index cd78f1a86d..bede040840 100644 --- a/docs/smbdotconf/locking/oplockbreakwaittime.xml +++ b/docs/smbdotconf/locking/oplockbreakwaittime.xml @@ -3,16 +3,16 @@ type="integer" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is a tuning parameter added due to bugs in - both Windows 9x and WinNT. If Samba responds to a client too - quickly when that client issues an SMB that can cause an oplock - break request, then the network client can fail and not respond - to the break request. This tuning parameter (which is set in milliseconds) - is the amount of time Samba will wait before sending an oplock break - request to such (broken) clients. + + This is a tuning parameter added due to bugs in both Windows 9x and WinNT. If Samba responds to a client too + quickly when that client issues an SMB that can cause an oplock break request, then the network client can + fail and not respond to the break request. This tuning parameter (which is set in milliseconds) is the amount + of time Samba will wait before sending an oplock break request to such (broken) clients. + - DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND - UNDERSTOOD THE SAMBA OPLOCK CODE. - - 0 + + DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. + + +0 diff --git a/docs/smbdotconf/locking/oplockcontentionlimit.xml b/docs/smbdotconf/locking/oplockcontentionlimit.xml index fec5809cb4..3ee3c45eb3 100644 --- a/docs/smbdotconf/locking/oplockcontentionlimit.xml +++ b/docs/smbdotconf/locking/oplockcontentionlimit.xml @@ -3,20 +3,23 @@ type="integer" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is a very advanced - smbd - 8 tuning option to - improve the efficiency of the granting of oplocks under multiple - client contention for the same file. + + This is a very advanced smbd + 8 tuning option to improve the efficiency of the + granting of oplocks under multiple client contention for the same file. + - In brief it specifies a number, which causes smbd - 8not to grant an oplock even when requested - if the approximate number of clients contending for an oplock on the same file goes over this + + In brief it specifies a number, which causes smbd + 8not to grant an oplock even when requested if the + approximate number of clients contending for an oplock on the same file goes over this limit. This causes smbd to behave in a similar - way to Windows NT. + way to Windows NT. + -DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ - AND UNDERSTOOD THE SAMBA OPLOCK CODE. + + DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE. + 2 diff --git a/docs/smbdotconf/locking/oplocks.xml b/docs/smbdotconf/locking/oplocks.xml index 3ce70a7883..0c6c26927c 100644 --- a/docs/smbdotconf/locking/oplocks.xml +++ b/docs/smbdotconf/locking/oplocks.xml @@ -3,22 +3,26 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This boolean option tells smbd whether to + + This boolean option tells smbd whether to issue oplocks (opportunistic locks) to file open requests on this share. The oplock code can dramatically (approx. 30% or more) improve the speed of access to files on Samba servers. It allows the clients to aggressively cache files locally and you may want to disable this option for unreliable network environments (it is turned on by default in Windows NT Servers). For more information see the file - Speed.txt in the Samba docs/ - directory. + Speed.txt in the Samba + docs/ directory. + - Oplocks may be selectively turned off on certain files with a - share. See the parameter. On some systems + + Oplocks may be selectively turned off on certain files with a share. See + the parameter. On some systems oplocks are recognized by the underlying operating system. This allows data synchronization between all access to oplocked files, whether it be via Samba or NFS or a local UNIX process. See the - kernel oplocks parameter for details. + parameter for details. + kernel oplocks diff --git a/docs/smbdotconf/locking/posixlocking.xml b/docs/smbdotconf/locking/posixlocking.xml index badb1d1750..e5a89f59aa 100644 --- a/docs/smbdotconf/locking/posixlocking.xml +++ b/docs/smbdotconf/locking/posixlocking.xml @@ -3,14 +3,13 @@ context="S" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - The smbd - 8 - daemon maintains an database of file locks obtained by SMB clients. - The default behavior is to map this internal database to POSIX - locks. This means that file locks obtained by SMB clients are - consistent with those seen by POSIX compliant applications accessing - the files via a non-SMB method (e.g. NFS or local file access). - You should never need to disable this parameter. + + The smbd 8 + daemon maintains an database of file locks obtained by SMB clients. The default behavior is + to map this internal database to POSIX locks. This means that file locks obtained by SMB clients are + consistent with those seen by POSIX compliant applications accessing the files via a non-SMB + method (e.g. NFS or local file access). You should never need to disable this parameter. + yes diff --git a/docs/smbdotconf/locking/strictlocking.xml b/docs/smbdotconf/locking/strictlocking.xml index 6ccca332da..0394e24b28 100644 --- a/docs/smbdotconf/locking/strictlocking.xml +++ b/docs/smbdotconf/locking/strictlocking.xml @@ -3,17 +3,20 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is a boolean that controls the handling of - file locking in the server. When this is set to yes, - the server will check every read and write access for file locks, and - deny access if locks exist. This can be slow on some systems. + + This is a boolean that controls the handling of file locking in the server. When this is set to yes, + the server will check every read and write access for file locks, and deny access if locks exist. This can be slow on + some systems. + - When strict locking is disabled, the server performs file - lock checks only when the client explicitly asks for them. + + When strict locking is disabled, the server performs file lock checks only when the client explicitly asks for them. + - Well-behaved clients always ask for lock checks when it - is important. So in the vast majority of cases, strict - locking = no is acceptable. - - yes + + Well-behaved clients always ask for lock checks when it is important. So in the vast majority of cases, + strict locking = no is acceptable. + + +yes diff --git a/docs/smbdotconf/logging/debughirestimestamp.xml b/docs/smbdotconf/logging/debughirestimestamp.xml index eef5af73f0..6f32bd593b 100644 --- a/docs/smbdotconf/logging/debughirestimestamp.xml +++ b/docs/smbdotconf/logging/debughirestimestamp.xml @@ -4,14 +4,14 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - Sometimes the timestamps in the log messages - are needed with a resolution of higher that seconds, this - boolean parameter adds microsecond resolution to the timestamp - message header when turned on. + + Sometimes the timestamps in the log messages are needed with a resolution of higher that seconds, this + boolean parameter adds microsecond resolution to the timestamp message header when turned on. + - Note that the parameter must be on for this to have an - effect. + Note that the parameter must be on for this to have an effect. + no diff --git a/docs/smbdotconf/logging/debugpid.xml b/docs/smbdotconf/logging/debugpid.xml index 0d84eb5263..017d010940 100644 --- a/docs/smbdotconf/logging/debugpid.xml +++ b/docs/smbdotconf/logging/debugpid.xml @@ -4,15 +4,16 @@ developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - When using only one log file for more then one forked - smbd - 8-process there may be hard to - follow which process outputs which message. This boolean parameter - is adds the process-id to the timestamp message headers in the - logfile when turned on. + + When using only one log file for more then one forked smbd + 8-process there may be hard to follow which process outputs which + message. This boolean parameter is adds the process-id to the timestamp message headers in the + logfile when turned on. + - Note that the parameter must be on for this to have an - effect. + + Note that the parameter must be on for this to have an effect. + no diff --git a/docs/smbdotconf/logging/debugtimestamp.xml b/docs/smbdotconf/logging/debugtimestamp.xml index ac1ce7b09e..b335eba465 100644 --- a/docs/smbdotconf/logging/debugtimestamp.xml +++ b/docs/smbdotconf/logging/debugtimestamp.xml @@ -3,12 +3,13 @@ type="boolean" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - timestamp logs +timestamp logs - Samba debug log messages are timestamped - by default. If you are running at a high these timestamps - can be distracting. This boolean parameter allows timestamping - to be turned off. + + Samba debug log messages are timestamped by default. If you are running at a high + these timestamps can be distracting. This + boolean parameter allows timestamping to be turned off. + yes diff --git a/docs/smbdotconf/logging/debuguid.xml b/docs/smbdotconf/logging/debuguid.xml index 616128a581..5cfa541a45 100644 --- a/docs/smbdotconf/logging/debuguid.xml +++ b/docs/smbdotconf/logging/debuguid.xml @@ -4,13 +4,14 @@ developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - Samba is sometimes run as root and sometime - run as the connected user, this boolean parameter inserts the - current euid, egid, uid and gid to the timestamp message headers - in the log file if turned on. + + Samba is sometimes run as root and sometime run as the connected user, this boolean parameter inserts the + current euid, egid, uid and gid to the timestamp message headers in the log file if turned on. + - Note that the parameter must be on for this to have an - effect. + + Note that the parameter must be on for this to have an effect. + no diff --git a/docs/smbdotconf/logging/logfile.xml b/docs/smbdotconf/logging/logfile.xml index 202f987891..838d302b7b 100644 --- a/docs/smbdotconf/logging/logfile.xml +++ b/docs/smbdotconf/logging/logfile.xml @@ -4,11 +4,13 @@ developer="1" advanced="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option allows you to override the name - of the Samba log file (also known as the debug file). + + This option allows you to override the name of the Samba log file (also known as the debug file). + - This option takes the standard substitutions, allowing - you to have separate log files for each user or machine. + + This option takes the standard substitutions, allowing you to have separate log files for each user or machine. + /usr/local/samba/var/log.%m diff --git a/docs/smbdotconf/logging/loglevel.xml b/docs/smbdotconf/logging/loglevel.xml index aaf1f9e975..7abf10990c 100644 --- a/docs/smbdotconf/logging/loglevel.xml +++ b/docs/smbdotconf/logging/loglevel.xml @@ -5,15 +5,16 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> debuglevel - The value of the parameter (a astring) allows - the debug level (logging level) to be specified in the - smb.conf file. This parameter has been - extended since the 2.2.x series, now it allow to specify the debug - level for multiple debug classes. This is to give greater - flexibility in the configuration of the system. + + The value of the parameter (a astring) allows the debug level (logging level) to be specified in the + smb.conf file. This parameter has been extended since the 2.2.x + series, now it allow to specify the debug level for multiple debug classes. This is to give greater + flexibility in the configuration of the system. + - The default will be the log level specified on - the command line or level zero if none was specified. + + The default will be the log level specified on the command line or level zero if none was specified. + 3 passdb:5 auth:10 winbind:2 diff --git a/docs/smbdotconf/logging/maxlogsize.xml b/docs/smbdotconf/logging/maxlogsize.xml index 673c3ff855..686185c70a 100644 --- a/docs/smbdotconf/logging/maxlogsize.xml +++ b/docs/smbdotconf/logging/maxlogsize.xml @@ -4,12 +4,14 @@ developer="1" advanced="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option (an integer in kilobytes) specifies - the max size the log file should grow to. Samba periodically checks - the size and if it is exceeded it will rename the file, adding - a .old extension. + + This option (an integer in kilobytes) specifies the max size the log file should grow to. + Samba periodically checks the size and if it is exceeded it will rename the file, adding + a .old extension. + -A size of 0 means no limit. + A size of 0 means no limit. + 5000 1000 diff --git a/docs/smbdotconf/logging/syslog.xml b/docs/smbdotconf/logging/syslog.xml index 1bc6bb79a0..1e968738e4 100644 --- a/docs/smbdotconf/logging/syslog.xml +++ b/docs/smbdotconf/logging/syslog.xml @@ -4,17 +4,17 @@ developer="1" advanced="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter maps how Samba debug messages - are logged onto the system syslog logging levels. Samba debug - level zero maps onto syslog LOG_ERR, debug - level one maps onto LOG_WARNING, debug level - two maps onto LOG_NOTICE, debug level three - maps onto LOG_INFO. All higher levels are mapped to - LOG_DEBUG. + + This parameter maps how Samba debug messages are logged onto the system syslog logging levels. + Samba debug level zero maps onto syslog LOG_ERR, debug level one maps onto + LOG_WARNING, debug level two maps onto LOG_NOTICE, + debug level three maps onto LOG_INFO. All higher levels are mapped to LOG_DEBUG. + - This parameter sets the threshold for sending messages - to syslog. Only messages with debug level less than this value - will be sent to syslog. + + This parameter sets the threshold for sending messages to syslog. Only messages with debug + level less than this value will be sent to syslog. + 1 diff --git a/docs/smbdotconf/logging/syslogonly.xml b/docs/smbdotconf/logging/syslogonly.xml index 1e6889d37d..e91970c6ff 100644 --- a/docs/smbdotconf/logging/syslogonly.xml +++ b/docs/smbdotconf/logging/syslogonly.xml @@ -4,9 +4,10 @@ developer="1" advanced="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - If this parameter is set then Samba debug - messages are logged into the system syslog only, and not to - the debug log files. + + If this parameter is set then Samba debug messages are logged into the system + syslog only, and not to the debug log files. + no diff --git a/docs/smbdotconf/logon/adduserscript.xml b/docs/smbdotconf/logon/adduserscript.xml index 1dd71b3867..8f50bc0a69 100644 --- a/docs/smbdotconf/logon/adduserscript.xml +++ b/docs/smbdotconf/logon/adduserscript.xml @@ -4,39 +4,45 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is the full pathname to a script that will - be run AS ROOT by smbd - 8 under special circumstances described below. + + This is the full pathname to a script that will be run AS ROOT by + smbd 8 + under special circumstances described below. + - Normally, a Samba server requires that UNIX users are - created for all users accessing files on this server. For sites - that use Windows NT account databases as their primary user database - creating these users and keeping the user list in sync with the - Windows NT PDC is an onerous task. This option allows smbd to create the required UNIX users - ON DEMAND when a user accesses the Samba server. + + Normally, a Samba server requires that UNIX users are created for all users accessing + files on this server. For sites that use Windows NT account databases as their primary + user database creating these users and keeping the user list in sync with the Windows + NT PDC is an onerous task. This option allows smbd to create the required UNIX users + ON DEMAND when a user accesses the Samba server. + - In order to use this option, smbd - 8 must NOT be set to security = share - and add user script - must be set to a full pathname for a script that will create a UNIX - user given one argument of %u, which expands into - the UNIX user name to create. + + In order to use this option, smbd + 8 must NOT be set to + share and + must be set to a full pathname for a script that will create a UNIX user given one argument of + %u, which expands into the UNIX user name to create. + - When the Windows user attempts to access the Samba server, - at login (session setup in the SMB protocol) time, smbd - 8 contacts the password server and - attempts to authenticate the given user with the given password. If the - authentication succeeds then smbd - attempts to find a UNIX user in the UNIX password database to map the - Windows user into. If this lookup fails, and add user script - is set then smbd will - call the specified script AS ROOT, expanding - any %u argument to be the user name to create. + + When the Windows user attempts to access the Samba server, at login (session setup in + the SMB protocol) time, smbd + 8 contacts the + and attempts to authenticate the given user with the given password. If the authentication + succeeds then smbd attempts to find a UNIX user in the UNIX + password database to map the Windows user into. If this lookup fails, and + is set then smbd will + call the specified script AS ROOT, expanding any + %u argument to be the user name to create. + - If this script successfully creates the user then smbd - will continue on as though the UNIX user - already existed. In this way, UNIX users are dynamically created to - match existing Windows NT accounts. + + If this script successfully creates the user then smbd will + continue on as though the UNIX user already existed. In this way, UNIX users are dynamically created to + match existing Windows NT accounts. + See also , , diff --git a/docs/smbdotconf/logon/addusertogroupscript.xml b/docs/smbdotconf/logon/addusertogroupscript.xml index 62ebfe5654..f7eb410024 100644 --- a/docs/smbdotconf/logon/addusertogroupscript.xml +++ b/docs/smbdotconf/logon/addusertogroupscript.xml @@ -4,16 +4,17 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - Full path to the script that will be called when - a user is added to a group using the Windows NT domain administration - tools. It will be run by smbd - 8 AS ROOT. - Any %g will be replaced with the group name and + + Full path to the script that will be called when a user is added to a group using the Windows NT domain administration + tools. It will be run by smbd 8 + AS ROOT. Any %g will be replaced with the group name and any %u will be replaced with the user name. - Note that the adduser command used in the example below does - not support the used syntax on all systems. + + Note that the adduser command used in the example below does + not support the used syntax on all systems. + diff --git a/docs/smbdotconf/logon/logonpath.xml b/docs/smbdotconf/logon/logonpath.xml index b8dd04ee0d..f281284d70 100644 --- a/docs/smbdotconf/logon/logonpath.xml +++ b/docs/smbdotconf/logon/logonpath.xml @@ -38,18 +38,16 @@ This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine. - - - Do not quote the value. Setting this as \\%N\profile\%U - will break profile handling. Where the tdbsam or ldapsam passdb backend - is used, at the time the user account is created the value configured - for this parameter is written to the passdb backend and that value will - over-ride the parameter value present in the smb.conf file. Any error - present in the passdb backend account record must be editted using the - appropriate tool (pdbedit on the command-line, or any other locally - provided system tool. - - + + Do not quote the value. Setting this as \\%N\profile\%U + will break profile handling. Where the tdbsam or ldapsam passdb backend + is used, at the time the user account is created the value configured + for this parameter is written to the passdb backend and that value will + over-ride the parameter value present in the smb.conf file. Any error + present in the passdb backend account record must be editted using the + appropriate tool (pdbedit on the command-line, or any other locally + provided system tool. + Note that this option is only useful if Samba is set up as a domain controller. @@ -63,9 +61,9 @@ An example of use is: - + logon path = \\PROFILESERVER\PROFILE\%U - + \\%N\%U\profile diff --git a/docs/smbdotconf/logon/logonscript.xml b/docs/smbdotconf/logon/logonscript.xml index 13ce9a0c03..5b304514d0 100644 --- a/docs/smbdotconf/logon/logonscript.xml +++ b/docs/smbdotconf/logon/logonscript.xml @@ -15,17 +15,20 @@ service specifies a of /usr/local/samba/netlogon, and STARTUP.BAT, then the file that will be downloaded is: - + /usr/local/samba/netlogon/STARTUP.BAT - + The contents of the batch file are entirely your choice. A suggested command would be to add NET TIME \\SERVER /SET /YES, to force every machine to synchronize clocks with the same time server. Another use would be to add NET USE U: \\SERVER\UTILS - for commonly used utilities, or NET USE Q: \\SERVER\ISO9001_QA for - example. + for commonly used utilities, or + +NET USE Q: \\SERVER\ISO9001_QA + + for example. diff --git a/docs/smbdotconf/logon/shutdownscript.xml b/docs/smbdotconf/logon/shutdownscript.xml index 00edf7e4b7..6183540c3f 100644 --- a/docs/smbdotconf/logon/shutdownscript.xml +++ b/docs/smbdotconf/logon/shutdownscript.xml @@ -49,8 +49,9 @@ let "time++" /sbin/shutdown $3 $4 +$time $1 & -Shutdown does not return so we need to launch it in background. - + Shutdown does not return so we need to launch it in background. + + abort shutdown script diff --git a/docs/smbdotconf/misc/afsshare.xml b/docs/smbdotconf/misc/afsshare.xml index 9dfa69bbcb..67d42d491f 100644 --- a/docs/smbdotconf/misc/afsshare.xml +++ b/docs/smbdotconf/misc/afsshare.xml @@ -9,7 +9,7 @@ the path parameter is a local AFS import. The special AFS features include the attempt to hand-craft an AFS token if you enabled --with-fake-kaserver in configure. - + no diff --git a/docs/smbdotconf/misc/dfreecommand.xml b/docs/smbdotconf/misc/dfreecommand.xml index 1c058d2918..4a9de5c84d 100644 --- a/docs/smbdotconf/misc/dfreecommand.xml +++ b/docs/smbdotconf/misc/dfreecommand.xml @@ -28,21 +28,23 @@ Note: Your script should NOT be setuid or setgid and should be owned by (and writeable only by) root! - Where the script dfree (which must be made executable) could be: - - + Where the script dfree (which must be made executable) could be: + #!/bin/sh df $1 | tail -1 | awk '{print $2" "$4}' - - - or perhaps (on Sys V based systems): + + - + or perhaps (on Sys V based systems): + #!/bin/sh /usr/bin/df -k $1 | tail -1 | awk '{print $3" "$5}' - + + - Note that you may have to replace the command names with full path names on some systems. + + Note that you may have to replace the command names with full path names on some systems. + By default internal routines for diff --git a/docs/smbdotconf/misc/followsymlinks.xml b/docs/smbdotconf/misc/followsymlinks.xml index d3113d658a..c0fd920bf9 100644 --- a/docs/smbdotconf/misc/followsymlinks.xml +++ b/docs/smbdotconf/misc/followsymlinks.xml @@ -3,19 +3,18 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter allows the Samba administrator - to stop smbd - 8 from following symbolic - links in a particular share. Setting this - parameter to no prevents any file or directory - that is a symbolic link from being followed (the user will get an - error). This option is very useful to stop users from adding a - symbolic link to /etc/passwd in their home - directory for instance. However it will slow filename lookups - down slightly. + + This parameter allows the Samba administrator to stop smbd + 8 from following symbolic links in a particular share. Setting this + parameter to no prevents any file or directory that is a symbolic link from being + followed (the user will get an error). This option is very useful to stop users from adding a symbolic + link to /etc/passwd in their home directory for instance. However + it will slow filename lookups down slightly. + - This option is enabled (i.e. smbd will - follow symbolic links) by default. + + This option is enabled (i.e. smbd will follow symbolic links) by default. + yes diff --git a/docs/smbdotconf/misc/fstype.xml b/docs/smbdotconf/misc/fstype.xml index 3c1da17633..c7df18c38b 100644 --- a/docs/smbdotconf/misc/fstype.xml +++ b/docs/smbdotconf/misc/fstype.xml @@ -3,14 +3,13 @@ type="string" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter allows the administrator to - configure the string that specifies the type of filesystem a share - is using that is reported by smbd - 8 when a client queries the filesystem type - for a share. The default type is NTFS for - compatibility with Windows NT but this can be changed to other - strings such as Samba or FAT - if required. + + This parameter allows the administrator to configure the string that specifies the type of filesystem a share + is using that is reported by smbd 8 + when a client queries the filesystem type for a share. The default type is NTFS for compatibility + with Windows NT but this can be changed to other strings such as Samba or FAT + if required. + NTFS Samba diff --git a/docs/smbdotconf/misc/homedirmap.xml b/docs/smbdotconf/misc/homedirmap.xml index 3459928b58..37b46ee0b6 100644 --- a/docs/smbdotconf/misc/homedirmap.xml +++ b/docs/smbdotconf/misc/homedirmap.xml @@ -4,23 +4,21 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - If is yes, - and smbd - 8 is also acting - as a Win95/98 logon server then this parameter - specifies the NIS (or YP) map from which the server for the user's - home directory should be extracted. At present, only the Sun - auto.home map format is understood. The form of the map is: - - username server:/some/file/system - - and the program will extract the servername from before - the first ':'. There should probably be a better parsing system - that copes with different map formats and also Amd (another - automounter) maps. + + If is yes, and smbd + 8 is also acting as a Win95/98 logon server + then this parameter specifies the NIS (or YP) map from which the server for the user's home directory should be extracted. + At present, only the Sun auto.home map format is understood. The form of the map is: + +username server:/some/file/system + + and the program will extract the servername from before the first ':'. There should probably be a better parsing system + that copes with different map formats and also Amd (another automounter) maps. + - A working NIS client is required on - the system for this option to work. + + A working NIS client is required on the system for this option to work. + nis homedir domain logons diff --git a/docs/smbdotconf/misc/include.xml b/docs/smbdotconf/misc/include.xml index 409c9aff3c..17ccea33c0 100644 --- a/docs/smbdotconf/misc/include.xml +++ b/docs/smbdotconf/misc/include.xml @@ -4,13 +4,15 @@ hide="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This allows you to include one config file - inside another. The file is included literally, as though typed - in place. + + This allows you to include one config file inside another. The file is included literally, as though typed + in place. + - It takes the standard substitutions, except %u - , %P and %S. - + + It takes the standard substitutions, except %u, + %P and %S. + diff --git a/docs/smbdotconf/misc/magicoutput.xml b/docs/smbdotconf/misc/magicoutput.xml index ed0cb0b21c..47e514fdce 100644 --- a/docs/smbdotconf/misc/magicoutput.xml +++ b/docs/smbdotconf/misc/magicoutput.xml @@ -4,14 +4,13 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter specifies the name of a file - which will contain output created by a magic script (see the + This parameter specifies the name of a file which will contain output created by a magic script (see the parameter below). -If two clients use the same magic script - in the same directory the output file content - is undefined. + If two clients use the same magic script + in the same directory the output file content is undefined. + <magic script name>.out diff --git a/docs/smbdotconf/misc/messagecommand.xml b/docs/smbdotconf/misc/messagecommand.xml index 117600cf1d..91df58ab5d 100644 --- a/docs/smbdotconf/misc/messagecommand.xml +++ b/docs/smbdotconf/misc/messagecommand.xml @@ -11,9 +11,10 @@ deliver the message somehow. How this is to be done is up to your imagination. - An example is: - - message command = csh -c 'xedit %s;rm %s' & + An example is: + +message command = csh -c 'xedit %s;rm %s' & + This delivers the message using xedit, then @@ -52,10 +53,12 @@ takes your fancy. Please let us know of any really interesting ideas you have. - Here's a way of sending the messages as mail to root: - - message command = /bin/mail -s 'message from %f on - %m' root < %s; rm %s + + Here's a way of sending the messages as mail to root: + +message command = /bin/mail -s 'message from %f on %m' root < %s; rm %s + + If you don't have a message command then the message won't be delivered and Samba will tell the sender there was @@ -63,9 +66,13 @@ and carries on regardless, saying that the message was delivered. - If you want to silently delete it then try: - - message command = rm %s + + If you want to silently delete it then try: + +message command = rm %s + + + csh -c 'xedit %s; rm %s' & diff --git a/docs/smbdotconf/misc/panicaction.xml b/docs/smbdotconf/misc/panicaction.xml index 85edad84e4..78f89fed99 100644 --- a/docs/smbdotconf/misc/panicaction.xml +++ b/docs/smbdotconf/misc/panicaction.xml @@ -8,7 +8,8 @@ system command to be called when either smbd 8 or smbd 8 crashes. This is usually used to -draw attention to the fact that a problem occurred. + draw attention to the fact that a problem occurred. + diff --git a/docs/smbdotconf/misc/piddirectory.xml b/docs/smbdotconf/misc/piddirectory.xml index c4c3a2bf7d..c9f05338ac 100644 --- a/docs/smbdotconf/misc/piddirectory.xml +++ b/docs/smbdotconf/misc/piddirectory.xml @@ -4,8 +4,9 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option specifies the directory where pid - files will be placed. + + This option specifies the directory where pid files will be placed. + ${prefix}/var/locks diff --git a/docs/smbdotconf/misc/preexecclose.xml b/docs/smbdotconf/misc/preexecclose.xml index c616ad7f07..7a477e16fe 100644 --- a/docs/smbdotconf/misc/preexecclose.xml +++ b/docs/smbdotconf/misc/preexecclose.xml @@ -4,8 +4,10 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This boolean option controls whether a non-zero - return code from should close the service being connected to. + + This boolean option controls whether a non-zero return code from + should close the service being connected to. + no diff --git a/docs/smbdotconf/misc/remoteannounce.xml b/docs/smbdotconf/misc/remoteannounce.xml index fc46a46e89..f4fe1d9538 100644 --- a/docs/smbdotconf/misc/remoteannounce.xml +++ b/docs/smbdotconf/misc/remoteannounce.xml @@ -4,28 +4,34 @@ type="list" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option allows you to setup nmbd + + This option allows you to setup nmbd 8to periodically announce itself - to arbitrary IP addresses with an arbitrary workgroup name. + to arbitrary IP addresses with an arbitrary workgroup name. + - This is useful if you want your Samba server to appear - in a remote workgroup for which the normal browse propagation - rules don't work. The remote workgroup can be anywhere that you - can send IP packets to. + + This is useful if you want your Samba server to appear in a remote workgroup for + which the normal browse propagation rules don't work. The remote workgroup can be + anywhere that you can send IP packets to. + - For example: + + For example: + +remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF + + the above line would cause nmbd to announce itself + to the two given IP addresses using the given workgroup names. If you leave out the + workgroup name then the one given in the parameter + is used instead. + - remote announce = 192.168.2.255/SERVERS - 192.168.4.255/STAFF - - the above line would cause nmbd to announce itself - to the two given IP addresses using the given workgroup names. - If you leave out the workgroup name then the one given in - the parameter is used instead. - - The IP addresses you choose would normally be the broadcast - addresses of the remote networks, but can also be the IP addresses - of known browse masters if your network config is that stable. + + The IP addresses you choose would normally be the broadcast addresses of the remote + networks, but can also be the IP addresses of known browse masters if your network + config is that stable. + See . diff --git a/docs/smbdotconf/misc/remotebrowsesync.xml b/docs/smbdotconf/misc/remotebrowsesync.xml index ea25cf48c8..508ec3ab2e 100644 --- a/docs/smbdotconf/misc/remotebrowsesync.xml +++ b/docs/smbdotconf/misc/remotebrowsesync.xml @@ -4,32 +4,40 @@ type="list" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option allows you to setup nmbd + + This option allows you to setup nmbd 8 to periodically request synchronization of browse lists with the master browser of a Samba server that is on a remote segment. This option will allow you to gain browse lists for multiple workgroups across routed networks. This - is done in a manner that does not work with any non-Samba servers. + is done in a manner that does not work with any non-Samba servers. + - This is useful if you want your Samba server and all local + + This is useful if you want your Samba server and all local clients to appear in a remote workgroup for which the normal browse propagation rules don't work. The remote workgroup can be anywhere - that you can send IP packets to. + that you can send IP packets to. + - For example: - - remote browse sync = 192.168.2.255 192.168.4.255 - - the above line would cause nmbd to request + + For example: + +remote browse sync = 192.168.2.255 192.168.4.255 + + the above line would cause nmbd to request the master browser on the specified subnets or addresses to - synchronize their browse lists with the local server. + synchronize their browse lists with the local server. + - The IP addresses you choose would normally be the broadcast + + The IP addresses you choose would normally be the broadcast addresses of the remote networks, but can also be the IP addresses of known browse masters if your network config is that stable. If a machine IP address is given Samba makes NO attempt to validate that the remote machine is available, is listening, nor that it - is in fact the browse master on its segment. + is in fact the browse master on its segment. + diff --git a/docs/smbdotconf/misc/rootpostexec.xml b/docs/smbdotconf/misc/rootpostexec.xml index 6fa003f085..4aff4f0334 100644 --- a/docs/smbdotconf/misc/rootpostexec.xml +++ b/docs/smbdotconf/misc/rootpostexec.xml @@ -4,10 +4,11 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is the same as the postexec - parameter except that the command is run as root. This - is useful for unmounting filesystems - (such as CDROMs) after a connection is closed. + + This is the same as the postexec + parameter except that the command is run as root. This is useful for + unmounting filesystems (such as CDROMs) after a connection is closed. + postexec diff --git a/docs/smbdotconf/misc/rootpreexec.xml b/docs/smbdotconf/misc/rootpreexec.xml index 9f84b9f04d..89d10ec53b 100644 --- a/docs/smbdotconf/misc/rootpreexec.xml +++ b/docs/smbdotconf/misc/rootpreexec.xml @@ -4,10 +4,11 @@ advanced="1" wizard="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is the same as the preexec - parameter except that the command is run as root. This - is useful for mounting filesystems (such as CDROMs) when a - connection is opened. + + This is the same as the preexec + parameter except that the command is run as root. This is useful for + mounting filesystems (such as CDROMs) when a connection is opened. + preexec diff --git a/docs/smbdotconf/misc/setdirectory.xml b/docs/smbdotconf/misc/setdirectory.xml index 5859dddcbb..5e7b379a04 100644 --- a/docs/smbdotconf/misc/setdirectory.xml +++ b/docs/smbdotconf/misc/setdirectory.xml @@ -3,13 +3,16 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - If set directory = no, then - users of the service may not use the setdir command to change - directory. + + If set directory = no, then users of the + service may not use the setdir command to change directory. + - The setdir command is only implemented + + The setdir command is only implemented in the Digital Pathworks client. See the Pathworks documentation - for details. + for details. + no diff --git a/docs/smbdotconf/misc/utmp.xml b/docs/smbdotconf/misc/utmp.xml index f50b0794c7..d60a6e5bec 100644 --- a/docs/smbdotconf/misc/utmp.xml +++ b/docs/smbdotconf/misc/utmp.xml @@ -3,19 +3,20 @@ type="boolean" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - - This boolean parameter is only available if - Samba has been configured and compiled with the option - --with-utmp. If set to yes then Samba will attempt - to add utmp or utmpx records (depending on the UNIX system) whenever a - connection is made to a Samba server. Sites may use this to record the - user connecting to a Samba share. + + + This boolean parameter is only available if Samba has been configured and compiled + with the option --with-utmp. If set to + yes then Samba will attempt to add utmp or utmpx records + (depending on the UNIX system) whenever a connection is made to a Samba server. + Sites may use this to record the user connecting to a Samba share. + - Due to the requirements of the utmp record, we - are required to create a unique identifier for the - incoming user. Enabling this option creates an n^2 - algorithm to find this number. This may impede - performance on large installations. + + Due to the requirements of the utmp record, we are required to create a unique + identifier for the incoming user. Enabling this option creates an n^2 algorithm + to find this number. This may impede performance on large installations. + utmp directory diff --git a/docs/smbdotconf/misc/wtmpdirectory.xml b/docs/smbdotconf/misc/wtmpdirectory.xml index de7321d080..f58b522573 100644 --- a/docs/smbdotconf/misc/wtmpdirectory.xml +++ b/docs/smbdotconf/misc/wtmpdirectory.xml @@ -4,19 +4,17 @@ advanced="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter is only available if Samba has - been configured and compiled with the option - --with-utmp. It specifies a directory pathname that is - used to store the wtmp or wtmpx files (depending on the UNIX system) that - record user connections to a Samba server. The difference with - the utmp directory is the fact that user info is kept after a user - has logged out. + + This parameter is only available if Samba has been configured and compiled with the option + --with-utmp. It specifies a directory pathname that is used to store the wtmp or wtmpx files (depending on + the UNIX system) that record user connections to a Samba server. The difference with the utmp directory is the fact + that user info is kept after a user has logged out. + - - By default this is - not set, meaning the system will use whatever utmp file the - native system is set to use (usually - /var/run/wtmp on Linux). + + By default this is not set, meaning the system will use whatever utmp file the native system is set to use (usually + /var/run/wtmp on Linux). + utmp diff --git a/docs/smbdotconf/printing/cupsoptions.xml b/docs/smbdotconf/printing/cupsoptions.xml index 6bb3782dc3..180c52bf7d 100644 --- a/docs/smbdotconf/printing/cupsoptions.xml +++ b/docs/smbdotconf/printing/cupsoptions.xml @@ -5,17 +5,20 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter is only applicable if is + This parameter is only applicable if is set to cups. Its value is a free form string of options passed directly to the cups library. - You can pass any generic print option known to CUPS (as listed + + You can pass any generic print option known to CUPS (as listed in the CUPS "Software Users' Manual"). You can also pass any printer specific option (as listed in "lpoptions -d printername -l") - valid for the target queue. + valid for the target queue. + - You should set this parameter to raw if your CUPS server + + You should set this parameter to raw if your CUPS server error_log file contains messages such as "Unsupported format 'application/octet-stream'" when printing from a Windows client through Samba. It is no longer necessary to enable diff --git a/docs/smbdotconf/printing/cupsserver.xml b/docs/smbdotconf/printing/cupsserver.xml index 045d260277..e00707c824 100644 --- a/docs/smbdotconf/printing/cupsserver.xml +++ b/docs/smbdotconf/printing/cupsserver.xml @@ -4,12 +4,14 @@ print="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter is only applicable if is set to cups. + + This parameter is only applicable if is set to cups. - If set, this option overrides the ServerName option in the CUPS - client.conf. This is necessary if you have virtual - samba servers that connect to different CUPS daemons. + + If set, this option overrides the ServerName option in the CUPS client.conf. This is + necessary if you have virtual samba servers that connect to different CUPS daemons. + "" diff --git a/docs/smbdotconf/printing/deleteprintercommand.xml b/docs/smbdotconf/printing/deleteprintercommand.xml index 5fc01edc57..b48ab5700d 100644 --- a/docs/smbdotconf/printing/deleteprintercommand.xml +++ b/docs/smbdotconf/printing/deleteprintercommand.xml @@ -24,7 +24,7 @@ been executed, smbd will reparse the smb.conf to associated printer no longer exists. If the sharename is still valid, then smbd - will return an ACCESS_DENIED error to the client. + will return an ACCESS_DENIED error to the client. addprinter command diff --git a/docs/smbdotconf/printing/enumportscommand.xml b/docs/smbdotconf/printing/enumportscommand.xml index 0a5178ea03..41db739544 100644 --- a/docs/smbdotconf/printing/enumportscommand.xml +++ b/docs/smbdotconf/printing/enumportscommand.xml @@ -17,7 +17,7 @@ can define enumports command to point to a program which should generate a list of ports, one per line, to standard output. This listing will then be used in response - to the level 1 and 2 EnumPorts() RPC. + to the level 1 and 2 EnumPorts() RPC. diff --git a/docs/smbdotconf/printing/loadprinters.xml b/docs/smbdotconf/printing/loadprinters.xml index b136505009..7e40ebee18 100644 --- a/docs/smbdotconf/printing/loadprinters.xml +++ b/docs/smbdotconf/printing/loadprinters.xml @@ -7,7 +7,7 @@ A boolean variable that controls whether all printers in the printcap will be loaded for browsing by default. See the section for - more details. + more details. yes diff --git a/docs/smbdotconf/printing/lppausecommand.xml b/docs/smbdotconf/printing/lppausecommand.xml index f42f4cc4b2..0bb66226f2 100644 --- a/docs/smbdotconf/printing/lppausecommand.xml +++ b/docs/smbdotconf/printing/lppausecommand.xml @@ -29,7 +29,11 @@ printing Currently no default value is given to - this string, unless the value of the printing - parameter is SYSV, in which case the default is : lp -i %p-%j -H hold or if the value of the printing parameter is SOFTQ, then the default is: qstat -s -j%j -h. + this string, unless the value of the + parameter is SYSV, in which case the default is : + lp -i %p-%j -H hold or if the value of the + printing parameter is + SOFTQ, then the default is: + qstat -s -j%j -h. /usr/bin/lpalt %p-%j -p0 diff --git a/docs/smbdotconf/printing/lpresumecommand.xml b/docs/smbdotconf/printing/lpresumecommand.xml index dc807f1f71..97f556e2ca 100644 --- a/docs/smbdotconf/printing/lpresumecommand.xml +++ b/docs/smbdotconf/printing/lpresumecommand.xml @@ -29,7 +29,7 @@ lp -i %p-%j -H resume or if the value of the printing parameter - is SOFTQ, then the default is: + is SOFTQ, then the default is: qstat -s -j%j -r diff --git a/docs/smbdotconf/printing/lprmcommand.xml b/docs/smbdotconf/printing/lprmcommand.xml index f98825348a..0b8375f94d 100644 --- a/docs/smbdotconf/printing/lprmcommand.xml +++ b/docs/smbdotconf/printing/lprmcommand.xml @@ -20,13 +20,13 @@ Examples of use are: - + lprm command = /usr/bin/lprm -P%p %j or lprm command = /usr/bin/cancel %p-%j - + diff --git a/docs/smbdotconf/printing/maxreportedprintjobs.xml b/docs/smbdotconf/printing/maxreportedprintjobs.xml index 78639670d7..34a5eb71c1 100644 --- a/docs/smbdotconf/printing/maxreportedprintjobs.xml +++ b/docs/smbdotconf/printing/maxreportedprintjobs.xml @@ -4,11 +4,12 @@ print="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This parameter limits the maximum number of - jobs displayed in a port monitor for Samba printer queue at any given - moment. If this number is exceeded, the excess jobs will not be shown. - A value of zero means there is no limit on the number of print - jobs reported. + + This parameter limits the maximum number of jobs displayed in a port monitor for + Samba printer queue at any given moment. If this number is exceeded, the excess + jobs will not be shown. A value of zero means there is no limit on the number of + print jobs reported. + max print jobs diff --git a/docs/smbdotconf/printing/os2drivermap.xml b/docs/smbdotconf/printing/os2drivermap.xml index a7e59b786b..4243ecab15 100644 --- a/docs/smbdotconf/printing/os2drivermap.xml +++ b/docs/smbdotconf/printing/os2drivermap.xml @@ -15,10 +15,10 @@ LaserJet 5L. - The need for the file is due to the printer driver namespace problem described in the chapter on Classical Printing in the book Samba3-HOWTO. For more - details on OS/2 clients, please refer to . - + The need for the file is due to the printer driver namespace problem described in the chapter on Classical Printing in the book Samba3-HOWTO. For more + details on OS/2 clients, please refer to . + diff --git a/docs/smbdotconf/protocol/profileacls.xml b/docs/smbdotconf/protocol/profileacls.xml index 10e5070d31..1c6f0c9ebf 100644 --- a/docs/smbdotconf/protocol/profileacls.xml +++ b/docs/smbdotconf/protocol/profileacls.xml @@ -11,9 +11,10 @@ packs do security ACL checking on the owner and ability to write of the profile directory stored on a local workstation when copied from a Samba share. - + -When not in domain mode with winbindd then the security info copied + + When not in domain mode with winbindd then the security info copied onto the local workstation has no meaning to the logged in user (SID) on that workstation so the profile storing fails. Adding this parameter onto a share used for profile storage changes two things about the @@ -22,16 +23,18 @@ BUILTIN\\Users respectively (SIDs S-1-5-32-544, S-1-5-32-545). Secondly it adds an ACE entry of "Full Control" to the SID BUILTIN\\Users to every returned ACL. This will allow any Windows 2000 or XP workstation - user to access the profile. + user to access the profile. + - Note that if you have multiple users logging + + Note that if you have multiple users logging on to a workstation then in order to prevent them from being able to access each others profiles you must remove the "Bypass traverse checking" advanced user right. This will prevent access to other users profile directories as the top level profile directory (named after the user) is created by the workstation profile code and has an ACL restricting entry to the directory tree to the owning user. - + no diff --git a/docs/smbdotconf/security/allowtrusteddomains.xml b/docs/smbdotconf/security/allowtrusteddomains.xml index 7bc5554550..924e41e793 100644 --- a/docs/smbdotconf/security/allowtrusteddomains.xml +++ b/docs/smbdotconf/security/allowtrusteddomains.xml @@ -5,7 +5,7 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This option only takes effect when the option is set to + This option only takes effect when the option is set to server,domain or ads. If it is set to no, then attempts to connect to a resource from a domain or workgroup other than the one which smbd is running diff --git a/docs/smbdotconf/security/authmethods.xml b/docs/smbdotconf/security/authmethods.xml index 6e6b88c519..39d211dbd3 100644 --- a/docs/smbdotconf/security/authmethods.xml +++ b/docs/smbdotconf/security/authmethods.xml @@ -4,25 +4,30 @@ basic="1" advanced="1" wizard="1" developer="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> + - This option allows the administrator to chose what authentication methods smbd will use when authenticating a user. This option defaults to sensible values - based on . This should be considered a developer option and used only in rare - circumstances. In the majority (if not all) of production servers, the default setting should be adequate. - + This option allows the administrator to chose what authentication methods smbd + will use when authenticating a user. This option defaults to sensible values based on . + This should be considered a developer option and used only in rare circumstances. In the majority (if not all) + of production servers, the default setting should be adequate. + - Each entry in the list attempts to authenticate the user in turn, until + + Each entry in the list attempts to authenticate the user in turn, until the user authenticates. In practice only one method will ever actually be able to complete the authentication. - Possible options include guest (anonymous access), + + Possible options include guest (anonymous access), sam (lookups in local list of accounts based on netbios name or domain name), winbind (relay authentication requests for remote users through winbindd), ntdomain (pre-winbindd method of authentication for remote domain users; deprecated in favour of winbind method), trustdomain (authenticate trusted users by contacting the - remote DC directly from smbd; deprecated in favour of winbind method). + remote DC directly from smbd; deprecated in favour of winbind method). + + guest sam winbind diff --git a/docs/smbdotconf/security/clientschannel.xml b/docs/smbdotconf/security/clientschannel.xml index 7530849260..e229182f97 100644 --- a/docs/smbdotconf/security/clientschannel.xml +++ b/docs/smbdotconf/security/clientschannel.xml @@ -5,14 +5,13 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This controls whether the client offers or even - demands the use of the netlogon schannel. - client schannel = no does not - offer the schannel, client schannel = - auto offers the schannel but does not - enforce it, and client schannel = - yes denies access if the server is not - able to speak netlogon schannel. + + This controls whether the client offers or even demands the use of the netlogon schannel. + no does not offer the schannel, + auto offers the schannel but does not + enforce it, and yes denies access + if the server is not able to speak netlogon schannel. + auto yes diff --git a/docs/smbdotconf/security/forceunknownacluser.xml b/docs/smbdotconf/security/forceunknownacluser.xml index c1708bab75..4c0949f052 100644 --- a/docs/smbdotconf/security/forceunknownacluser.xml +++ b/docs/smbdotconf/security/forceunknownacluser.xml @@ -4,23 +4,23 @@ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - If this parameter is set, a Windows NT ACL that contains an unknown - SID (security descriptor, or representation of a user or group - id) as the owner or group owner of the file will be silently - mapped into the current UNIX uid or gid of the currently - connected user. + + If this parameter is set, a Windows NT ACL that contains an unknown SID (security descriptor, or + representation of a user or group id) as the owner or group owner of the file will be silently + mapped into the current UNIX uid or gid of the currently connected user. + - This is designed to allow Windows NT clients to copy files and - folders containing ACLs that were created locally on the client - machine and contain users local to that machine only (no domain - users) to be copied to a Samba server (usually with XCOPY /O) - and have the unknown userid and groupid of the file owner map to - the current connected user. This can only be fixed correctly - when winbindd allows arbitrary mapping from any Windows NT SID - to a UNIX uid or gid. + + This is designed to allow Windows NT clients to copy files and folders containing ACLs that were + created locally on the client machine and contain users local to that machine only (no domain + users) to be copied to a Samba server (usually with XCOPY /O) and have the unknown userid and + groupid of the file owner map to the current connected user. This can only be fixed correctly + when winbindd allows arbitrary mapping from any Windows NT SID to a UNIX uid or gid. + - Try using this parameter when XCOPY /O gives an ACCESS_DENIED - error. + + Try using this parameter when XCOPY /O gives an ACCESS_DENIED error. + no diff --git a/docs/smbdotconf/security/passdbbackend.xml b/docs/smbdotconf/security/passdbbackend.xml index bbe1d13106..1a4baa5c08 100644 --- a/docs/smbdotconf/security/passdbbackend.xml +++ b/docs/smbdotconf/security/passdbbackend.xml @@ -65,7 +65,7 @@ Examples of use are: - + passdb backend = tdbsam:/etc/samba/private/passdb.tdb \ smbpasswd:/etc/samba/smbpasswd @@ -81,7 +81,7 @@ passdb backend = ldapsam:"ldap://ldap-1.example.com \ or passdb backend = mysql:my_plugin_args tdbsam - + smbpasswd diff --git a/docs/smbdotconf/security/restrictanonymous.xml b/docs/smbdotconf/security/restrictanonymous.xml index 2a45ef1561..1fbf983d54 100644 --- a/docs/smbdotconf/security/restrictanonymous.xml +++ b/docs/smbdotconf/security/restrictanonymous.xml @@ -7,10 +7,10 @@ The setting of this parameter determines whether user and group list information is returned for an anonymous connection. and mirrors the effects of the - + HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\LSA\RestrictAnonymous - + registry key in Windows 2000 and Windows NT. When set to 0, user and group list information is returned to anyone who asks. When set to 1, only an authenticated user can retrive user and diff --git a/docs/smbdotconf/security/smbpasswdfile.xml b/docs/smbdotconf/security/smbpasswdfile.xml index b21da8e1ae..209fa74422 100644 --- a/docs/smbdotconf/security/smbpasswdfile.xml +++ b/docs/smbdotconf/security/smbpasswdfile.xml @@ -7,12 +7,12 @@ This option sets the path to the encrypted smbpasswd file. By default the path to the smbpasswd file is compiled into Samba. - - An example of use is: - + + An example of use is: + smb passwd file = /etc/samba/smbpasswd - - + + ${prefix}/private/smbpasswd diff --git a/docs/smbdotconf/security/usernamemap.xml b/docs/smbdotconf/security/usernamemap.xml index 7b939f6956..c30e2327c5 100644 --- a/docs/smbdotconf/security/usernamemap.xml +++ b/docs/smbdotconf/security/usernamemap.xml @@ -76,15 +76,17 @@ guest = * - Note that the remapping is applied to all occurrences + + Note that the remapping is applied to all occurrences of usernames. Thus if you connect to \\server\fred and fred is remapped to mary then you will actually be connecting to \\server\mary and will need to supply a password suitable for mary not fred. The only exception to this is the - username passed to the (if you have one). The password - server will receive whatever username the client supplies without - modification. + username passed to the + (if you have one). The password server will receive whatever + username the client supplies without modification. + Also note that no reverse mapping is done. The main effect this has is with printing. Users who have been mapped may have @@ -117,12 +119,12 @@ guest = * after the user has been successfully authenticated. - - An example of use is: - + + An example of use is: + username map = /usr/local/samba/lib/users.map - - + + no username map diff --git a/docs/smbdotconf/security/validusers.xml b/docs/smbdotconf/security/validusers.xml index 49536a724d..313739d7c1 100644 --- a/docs/smbdotconf/security/validusers.xml +++ b/docs/smbdotconf/security/validusers.xml @@ -3,17 +3,22 @@ type="list" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is a list of users that should be allowed - to login to this service. Names starting with '@', '+' and '&' - are interpreted using the same rules as described in the - invalid users parameter. + + This is a list of users that should be allowed to login to this service. Names starting with + '@', '+' and '&' are interpreted using the same rules as described in the + invalid users parameter. + - If this is empty (the default) then any user can login. - If a username is in both this list and the invalid - users list then access is denied for that user. + + If this is empty (the default) then any user can login. If a username is in both this list + and the invalid users list then access is denied + for that user. + - The current servicename is substituted for %S - . This is useful in the [homes] section. + + The current servicename is substituted for %S. + This is useful in the [homes] section. + invalid users diff --git a/docs/smbdotconf/security/writelist.xml b/docs/smbdotconf/security/writelist.xml index 3476b311bf..60db3f19f0 100644 --- a/docs/smbdotconf/security/writelist.xml +++ b/docs/smbdotconf/security/writelist.xml @@ -3,17 +3,22 @@ type="list" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - This is a list of users that are given read-write - access to a service. If the connecting user is in this list then - they will be given write access, no matter what the - option is set to. The list can include group names using the - @group syntax. + + This is a list of users that are given read-write access to a service. If the + connecting user is in this list then they will be given write access, no matter + what the option is set to. The list can + include group names using the @group syntax. + - Note that if a user is in both the read list and the - write list then they will be given write access. + + Note that if a user is in both the read list and the write list then they will be + given write access. + -This parameter will not work with the share in - Samba 3.0. This is by design. + + By design, this parameter will not work with the + share in Samba 3.0. + diff --git a/docs/smbdotconf/tuning/usesendfile.xml b/docs/smbdotconf/tuning/usesendfile.xml index 5f4fd844ed..2632c9ad93 100644 --- a/docs/smbdotconf/tuning/usesendfile.xml +++ b/docs/smbdotconf/tuning/usesendfile.xml @@ -3,8 +3,9 @@ type="boolean" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> - If this parameter is yes, and the sendfile() system call is supported by the underlying operating system, then some SMB read calls (mainly ReadAndX - and ReadRaw) will use the more efficient sendfile system call for files that + If this parameter is yes, and the sendfile() + system call is supported by the underlying operating system, then some SMB read calls + (mainly ReadAndX and ReadRaw) will use the more efficient sendfile system call for files that are exclusively oplocked. This may make more efficient use of the system CPU's and cause Samba to be faster. Samba automatically turns this off for clients that use protocol levels lower than NT LM 0.12 and when it detects a client is -- cgit