summaryrefslogtreecommitdiff
path: root/docs/smbdotconf/security/obeypamrestrictions.xml
blob: fd12e456b6a5e88ff9a3f8ce98632b9cbe358b6d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
<samba:parameter name="obey pam restrictions"
                 context="G"
				 type="boolean"
                 advanced="1" developer="1"
		 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
    <para>When Samba 3.0 is configured to enable PAM support
    (i.e. --with-pam), this parameter will control whether or not Samba
    should obey PAM's account and session management directives.  The 
    default behavior is to use PAM for clear text authentication only
    and to ignore any account or session management.  Note that Samba
    always ignores PAM for authentication in the case of <link linkend="ENCRYPTPASSWORDS">
    <parameter moreinfo="none">encrypt passwords = yes</parameter></link>.  The reason 
    is that PAM modules cannot support the challenge/response
    authentication mechanism needed in the presence of SMB password encryption.
</para>
</description>

<value type="default">no</value>
</samba:parameter>