clarify the [add|delete] user script parameters.

3 files changed, 36 insertions, 79 deletions

diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml
index ddb8a7ec9b4..f1aca54df7b 100644
--- a/docs/docbook/manpages/smb.conf.5.sgml
+++ b/docs/docbook/manpages/smb.conf.5.sgml
@@ -1071,8 +1071,8 @@
 		<emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.</para>
 
 		<para>In order to use this option, <ulink url="smbd.8.html">smbd</ulink> 
-		must be set to <parameter>security = server</parameter> or <parameter>
-		security = domain</parameter> and <parameter>add user script</parameter>
+		must <emphasis>NOT</emphasis> be set to <parameter>security = share</parameter>
+		and <parameter>add user script</parameter>
 		must be set to a full pathname for a script that will create a UNIX 
 		user given one argument of <parameter>%u</parameter>, which expands into 
 		the UNIX user name to create.</para>
@@ -2049,19 +2049,11 @@
 		Windows NT user no longer exists.</para>
 		
 		<para>In order to use this option, <command>smbd</command> must be 
-		set to <parameter>security = domain</parameter> and <parameter>delete 
-		user script</parameter> must be set to a full pathname for a script 
-		that will delete a UNIX user given one argument of <parameter>%u
-		</parameter>, which expands into the UNIX user name to delete.
-		<emphasis>NOTE</emphasis> that this is different to the <link
-		linkend="ADDUSERSCRIPT"><parameter>add user script</parameter></link>
-		which will work with the <parameter>security = server</parameter> option 
-		as well as <parameter>security = domain</parameter>. The reason for this
-		is only when Samba is a domain member does it get the information
-		on an attempted user logon that a user no longer exists. In the
-		<parameter>security = server</parameter> mode a missing user
-		is treated the same as an invalid password logon attempt. Deleting
-		the user in this circumstance would not be a good idea.</para>
+		set to <parameter>security = domain</parameter> or <parameter>security =
+		user</parameter> and <parameter>delete user script</parameter> 
+		must be set to a full pathname for a script 
+		that will delete a UNIX user given one argument of <parameter>%u</parameter>, 
+		which expands into the UNIX user name to delete.</para>
 
 		<para>When the Windows user attempts to access the Samba server, 
 		at <emphasis>login</emphasis> (session setup in the SMB protocol) 
diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html
index 9efb92963c0..d7d8fcbd842 100644
--- a/docs/htmldocs/smb.conf.5.html
+++ b/docs/htmldocs/smb.conf.5.html
@@ -4889,17 +4889,15 @@ HREF="smbd.8.html"
 TARGET="_top"
 >smbd</A
 > 
-		must be set to <TT
-CLASS="PARAMETER"
-><I
->security = server</I
-></TT
-> or <TT
+		must <EM
+>NOT</EM
+> be set to <TT
 CLASS="PARAMETER"
 ><I
->		security = domain</I
+>security = share</I
 ></TT
-> and <TT
+>
+		and <TT
 CLASS="PARAMETER"
 ><I
 >add user script</I
@@ -7012,53 +7010,26 @@ CLASS="PARAMETER"
 ><I
 >security = domain</I
 ></TT
-> and <TT
-CLASS="PARAMETER"
-><I
->delete 
-		user script</I
-></TT
-> must be set to a full pathname for a script 
-		that will delete a UNIX user given one argument of <TT
-CLASS="PARAMETER"
-><I
->%u
-		</I
-></TT
->, which expands into the UNIX user name to delete.
-		<EM
->NOTE</EM
-> that this is different to the <A
-HREF="#ADDUSERSCRIPT"
-><TT
-CLASS="PARAMETER"
-><I
->add user script</I
-></TT
-></A
->
-		which will work with the <TT
+> or <TT
 CLASS="PARAMETER"
 ><I
->security = server</I
+>security =
+		user</I
 ></TT
-> option 
-		as well as <TT
+> and <TT
 CLASS="PARAMETER"
 ><I
->security = domain</I
+>delete user script</I
 ></TT
->. The reason for this
-		is only when Samba is a domain member does it get the information
-		on an attempted user logon that a user no longer exists. In the
-		<TT
+> 
+		must be set to a full pathname for a script 
+		that will delete a UNIX user given one argument of <TT
 CLASS="PARAMETER"
 ><I
->security = server</I
+>%u</I
 ></TT
-> mode a missing user
-		is treated the same as an invalid password logon attempt. Deleting
-		the user in this circumstance would not be a good idea.</P
+>, 
+		which expands into the UNIX user name to delete.</P
 ><P
 >When the Windows user attempts to access the Samba server, 
 		at <EM
@@ -19357,7 +19328,7 @@ CLASS="COMMAND"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN6105"
+NAME="AEN6100"
 ></A
 ><H2
 >WARNINGS</H2
@@ -19387,7 +19358,7 @@ TARGET="_top"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN6111"
+NAME="AEN6106"
 ></A
 ><H2
 >VERSION</H2
@@ -19398,7 +19369,7 @@ NAME="AEN6111"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN6114"
+NAME="AEN6109"
 ></A
 ><H2
 >SEE ALSO</H2
@@ -19477,7 +19448,7 @@ CLASS="COMMAND"
 ><DIV
 CLASS="REFSECT1"
 ><A
-NAME="AEN6134"
+NAME="AEN6129"
 ></A
 ><H2
 >AUTHOR</H2
diff --git a/docs/manpages/smb.conf.5 b/docs/manpages/smb.conf.5
index 5e97da3317a..cae8f965799 100644
--- a/docs/manpages/smb.conf.5
+++ b/docs/manpages/smb.conf.5
@@ -3,7 +3,7 @@
 .\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/> 
 .\" Please send any bug reports, improvements, comments, patches, 
 .\" etc. to Steve Cheng <steve@ggi-project.org>.
-.TH "SMB.CONF" "5" "06 February 2002" "" ""
+.TH "SMB.CONF" "5" "19 February 2002" "" ""
 .SH NAME
 smb.conf \- The configuration file for the Samba suite
 .SH "SYNOPSIS"
@@ -1554,7 +1554,8 @@ Windows NT PDC is an onerous task. This option allows smbdto create the required
 \fBON DEMAND\fR when a user accesses the Samba server.
 
 In order to use this option, smbd
-must be set to \fIsecurity = server\fR or \fI security = domain\fR and \fIadd user script\fR
+must \fBNOT\fR be set to \fIsecurity = share\fR
+and \fIadd user script\fR
 must be set to a full pathname for a script that will create a UNIX 
 user given one argument of \fI%u\fR, which expands into 
 the UNIX user name to create.
@@ -2332,18 +2333,11 @@ DEMAND\fR when a user accesses the Samba server and the
 Windows NT user no longer exists.
 
 In order to use this option, \fBsmbd\fR must be 
-set to \fIsecurity = domain\fR and \fIdelete 
-user script\fR must be set to a full pathname for a script 
-that will delete a UNIX user given one argument of \fI%u
-\fR, which expands into the UNIX user name to delete.
-\fBNOTE\fR that this is different to the \fIadd user script\fR
-which will work with the \fIsecurity = server\fR option 
-as well as \fIsecurity = domain\fR. The reason for this
-is only when Samba is a domain member does it get the information
-on an attempted user logon that a user no longer exists. In the
-\fIsecurity = server\fR mode a missing user
-is treated the same as an invalid password logon attempt. Deleting
-the user in this circumstance would not be a good idea.
+set to \fIsecurity = domain\fR or \fIsecurity =
+user\fR and \fIdelete user script\fR 
+must be set to a full pathname for a script 
+that will delete a UNIX user given one argument of \fI%u\fR, 
+which expands into the UNIX user name to delete.
 
 When the Windows user attempts to access the Samba server, 
 at \fBlogin\fR (session setup in the SMB protocol)