From a5cab2bd8a29fd3d855948cc1fef5c119e29b3cf Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Tue, 5 May 1998 19:23:40 +0000 Subject: added definitions for "password chat debug" and "unix password sync" from the 1.9.18 tree (This used to be commit 228a2a0507494e0b13ed5c74488607811da20140) --- swat/help/parameters.html | 41 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) (limited to 'swat') diff --git a/swat/help/parameters.html b/swat/help/parameters.html index c6c1b34d0e..b1f80a17e7 100644 --- a/swat/help/parameters.html +++ b/swat/help/parameters.html @@ -1256,7 +1256,15 @@ This integer value controls what level Samba advertises itself as for browse elections. See BROWSING.txt for details.

passwd chat debug (G)

-Default: passwd chat debug = No

+This boolean specifies if the passwd chat script parameter is run +in 'debug' mode. In this mode the strings passed to and received from the +passwd chat are printed in the smbd log with a debug level of 100. This +is a dangerous option as it will allow plaintext passwords to be seen +in the smbd log. It is available to help Samba admins debug their passwd +chat scripts and should be turned off after this has been done. This parameter +is off by default.

+Example: passwd chat debug = Yes

+Default: passwd chat debug = No

passwd chat (G)

This string controls the "chat" conversation that takes places @@ -1904,6 +1912,20 @@ Windows clients.

Default: time server = No

Example: time server = Yes

+

unix password sync (G)

+This boolean parameter controlls whether Samba attempts to synchronise the +UNIX password with the SMB password when the encrypted SMB password in +the smbpasswd file is changed. If this is set to Yes the +passwd program +program is called *AS ROOT* - to allow the new UNIX password to be set +without access to the old UNIX password (as the SMB password has change +code has no access to the old password cleartext, only the new). By default +this is set to No.

+See also passwd program, +passwd chat

+Default: unix password sync = No

+Example: unix password sync = Yes

+

unix realname (G)

This boolean parameter when set causes samba to supply the real name field from the unix password file to the client. This is useful for setting up mail @@ -1912,6 +1934,23 @@ clients and WWW browsers on systems used by more than one person.

Example: unix realname = Yes

update encrypted (S)

+This boolean parameter allows a user logging on with a plaintext password to +have their encrypted (hashed) password in the smbpasswd file to be updated +automatically as they log on. This option allows a site to migrate from +plaintext password authentication (users authenticate with plaintext +password over the wire, and are checked against a UNIX account database) to +encrypted password authentication (the SMB challenge/response authentication +mechanism) without forcing all users to re-enter their passwords via smbpasswd +at the time the change is made. This is a convenience option to allow the +change over to encrypted passwords to be made over a longer period. Once all +users have encrypted representations of their passwords in the smbpasswd file \ +this parameter should be set to "No".

+In order for this parameter to work correctly the +iencrypt passwords must be set to "No" when +this parameter is set to "Yes".

+Note that even when this parameter is set a user authenticating to smbd must +still enter a valid password in order to connect correctly, and to update their +hashed (smbpasswd) passwords.

Default: update encrypted = No

use rhosts (S)

-- cgit