summaryrefslogtreecommitdiff
path: root/docs/docbook/smbdotconf/security/obeypamrestrictions.xml
blob: 92a6bce22d2972d7a8f97db371623b9222d7a64f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
<samba:parameter xmlns:samba="http://samba.org/common">
		<term><anchor id="OBEYPAMRESTRICTIONS"/>obey pam restrictions (G)</term>
		<listitem><para>When Samba 2.2 is configured to enable PAM support
		(i.e. --with-pam), this parameter will control whether or not Samba
		should obey PAM's account and session management directives.  The 
		default behavior is to use PAM for clear text authentication only
		and to ignore any account or session management.  Note that Samba
		always ignores PAM for authentication in the case of <link linkend="ENCRYPTPASSWORDS"><parameter moreinfo="none">encrypt passwords = yes</parameter>
		</link>.  The reason is that PAM modules cannot support the challenge/response
		authentication mechanism needed in the presence of SMB password encryption.
		</para>

		<para>Default: <command moreinfo="none">obey pam restrictions = no</command></para>
		</listitem>
		</samba:parameter>