diff options
| author | Gerald Carter <jerry@samba.org> | 2001-04-25 02:58:36 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2001-04-25 02:58:36 +0000 |
| commit | b002791dad01d3a2474580887dae3b0162fff98a (patch) | |
| tree | 5c2c0a95b299eabcb2b597ba959a3b1e2461fa4d /docs/htmldocs | |
| parent | b343c1cd2b1f98c8430a4395206fb0e0dd7cf4ce (diff) | |
| download | samba-b002791dad01d3a2474580887dae3b0162fff98a.tar.gz samba-b002791dad01d3a2474580887dae3b0162fff98a.tar.xz samba-b002791dad01d3a2474580887dae3b0162fff98a.zip | |
added 'obey pam restrictions'; removed 'ole lock compatibility';
added placeholders for '[add|change|delete] share command'
Diffstat (limited to 'docs/htmldocs')
| -rw-r--r-- | docs/htmldocs/smb.conf.5.html | 650 |
1 files changed, 366 insertions, 284 deletions
diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html index 0f8a83a9396..e01e69c94fd 100644 --- a/docs/htmldocs/smb.conf.5.html +++ b/docs/htmldocs/smb.conf.5.html @@ -859,11 +859,11 @@ NAME="AEN253" ><LI ><P ><A -HREF="#ADDUSERSCRIPT" +HREF="#ADDPRINTERCOMMAND" ><TT CLASS="PARAMETER" ><I ->add user script</I +>add printer command</I ></TT ></A ></P @@ -871,11 +871,23 @@ CLASS="PARAMETER" ><LI ><P ><A -HREF="#ADDPRINTERCOMMAND" +HREF="#ADDSHARECOMMAND" ><TT CLASS="PARAMETER" ><I ->addprinter command</I +>add share command</I +></TT +></A +></P +></LI +><LI +><P +><A +HREF="#ADDUSERSCRIPT" +><TT +CLASS="PARAMETER" +><I +>add user script</I ></TT ></A ></P @@ -967,6 +979,18 @@ CLASS="PARAMETER" ><LI ><P ><A +HREF="#CHANGESHARECOMMAND" +><TT +CLASS="PARAMETER" +><I +>change share command</I +></TT +></A +></P +></LI +><LI +><P +><A HREF="#CHARACTERSET" ><TT CLASS="PARAMETER" @@ -1123,11 +1147,11 @@ CLASS="PARAMETER" ><LI ><P ><A -HREF="#DELETEUSERSCRIPT" +HREF="#DELETEPRINTERCOMMAND" ><TT CLASS="PARAMETER" ><I ->delete user script</I +>delete printer command</I ></TT ></A ></P @@ -1135,11 +1159,23 @@ CLASS="PARAMETER" ><LI ><P ><A -HREF="#DELETEPRINTERCOMMAND" +HREF="#DELETESHARECOMMAND" ><TT CLASS="PARAMETER" ><I ->deleteprinter command</I +>delete share command</I +></TT +></A +></P +></LI +><LI +><P +><A +HREF="#DELETEUSERSCRIPT" +><TT +CLASS="PARAMETER" +><I +>delete user script</I ></TT ></A ></P @@ -1867,6 +1903,18 @@ CLASS="PARAMETER" ><LI ><P ><A +HREF="#OBEYPAMRESTRICTIONS" +><TT +CLASS="PARAMETER" +><I +>obey pam restrictions</I +></TT +></A +></P +></LI +><LI +><P +><A HREF="#OPLOCKBREAKWAITTIME" ><TT CLASS="PARAMETER" @@ -2757,7 +2805,7 @@ CLASS="PARAMETER" ><DIV CLASS="REFSECT1" ><A -NAME="AEN889" +NAME="AEN905" ></A ><H2 >COMPLETE LIST OF SERVICE PARAMETERS</H2 @@ -4176,7 +4224,7 @@ CLASS="PARAMETER" ><DIV CLASS="REFSECT1" ><A -NAME="AEN1361" +NAME="AEN1377" ></A ><H2 >EXPLANATION OF EACH PARAMETER</H2 @@ -4187,154 +4235,9 @@ CLASS="VARIABLELIST" ><DL ><DT ><A -NAME="ADDUSERSCRIPT" -></A ->add user script (G)</DT -><DD -><P ->This is the full pathname to a script that will - be run <EM ->AS ROOT</EM -> by <A -HREF="smbd.8.html" -TARGET="_top" ->smbd(8) - </A -> under special circumstances described below.</P -><P ->Normally, a Samba server requires that UNIX users are - created for all users accessing files on this server. For sites - that use Windows NT account databases as their primary user database - creating these users and keeping the user list in sync with the - Windows NT PDC is an onerous task. This option allows <A -HREF="smbd.8.html" -TARGET="_top" ->smbd</A -> to create the required UNIX users - <EM ->ON DEMAND</EM -> when a user accesses the Samba server.</P -><P ->In order to use this option, <A -HREF="smbd.8.html" -TARGET="_top" ->smbd</A -> - must be set to <TT -CLASS="PARAMETER" -><I ->security=server</I -></TT -> or <TT -CLASS="PARAMETER" -><I -> security=domain</I -></TT -> and <TT -CLASS="PARAMETER" -><I ->add user script</I -></TT -> - must be set to a full pathname for a script that will create a UNIX - user given one argument of <TT -CLASS="PARAMETER" -><I ->%u</I -></TT ->, which expands into - the UNIX user name to create.</P -><P ->When the Windows user attempts to access the Samba server, - at login (session setup in the SMB protocol) time, <A -HREF="smbd.8.html" -TARGET="_top" -> smbd</A -> contacts the <TT -CLASS="PARAMETER" -><I ->password server</I -></TT -> and - attempts to authenticate the given user with the given password. If the - authentication succeeds then <B -CLASS="COMMAND" ->smbd</B -> - attempts to find a UNIX user in the UNIX password database to map the - Windows user into. If this lookup fails, and <TT -CLASS="PARAMETER" -><I ->add user script - </I -></TT -> is set then <B -CLASS="COMMAND" ->smbd</B -> will - call the specified script <EM ->AS ROOT</EM ->, expanding - any <TT -CLASS="PARAMETER" -><I ->%u</I -></TT -> argument to be the user name to create.</P -><P ->If this script successfully creates the user then <B -CLASS="COMMAND" ->smbd - </B -> will continue on as though the UNIX user - already existed. In this way, UNIX users are dynamically created to - match existing Windows NT accounts.</P -><P ->See also <A -HREF="#SECURITY" -><TT -CLASS="PARAMETER" -><I -> security</I -></TT -></A ->, <A -HREF="#PASSWORDSERVER" -> <TT -CLASS="PARAMETER" -><I ->password server</I -></TT -></A ->, - <A -HREF="#DELETEUSERSCRIPT" -><TT -CLASS="PARAMETER" -><I ->delete user - script</I -></TT -></A ->.</P -><P ->Default: <B -CLASS="COMMAND" ->add user script = <empty string> - </B -></P -><P ->Example: <B -CLASS="COMMAND" ->add user script = /usr/local/samba/bin/add_user - %u</B -></P -></DD -><DT -><A NAME="ADDPRINTERCOMMAND" ></A ->addprinter command (G)</DT +>add printer command (G)</DT ><DD ><P >With the introduction of MS-RPC based printing @@ -4348,7 +4251,8 @@ NAME="ADDPRINTERCOMMAND" physically added to underlying printing system. The <TT CLASS="PARAMETER" ><I -> addprinter command</I +>add + printer command</I ></TT > defines a script to be run which will perform the necessary operations for adding the printer @@ -4370,7 +4274,7 @@ CLASS="COMMAND" >The <TT CLASS="PARAMETER" ><I ->addprinter command</I +>add printer command</I ></TT > is automatically invoked with the following parameter (in @@ -4444,7 +4348,7 @@ CLASS="PARAMETER" >Once the <TT CLASS="PARAMETER" ><I ->addprinter command</I +>add printer command</I ></TT > has been executed, <B @@ -4465,7 +4369,7 @@ HREF="#DELETEPRINTERCOMMAND" ><TT CLASS="PARAMETER" ><I -> deleteprinter command</I +> delete printer command</I ></TT ></A >, <A @@ -4500,6 +4404,160 @@ CLASS="COMMAND" ></DD ><DT ><A +NAME="ADDSHARECOMMAND" +></A +>add share command (G)</DT +><DD +><P +> </P +></DD +><DT +><A +NAME="ADDUSERSCRIPT" +></A +>add user script (G)</DT +><DD +><P +>This is the full pathname to a script that will + be run <EM +>AS ROOT</EM +> by <A +HREF="smbd.8.html" +TARGET="_top" +>smbd(8) + </A +> under special circumstances described below.</P +><P +>Normally, a Samba server requires that UNIX users are + created for all users accessing files on this server. For sites + that use Windows NT account databases as their primary user database + creating these users and keeping the user list in sync with the + Windows NT PDC is an onerous task. This option allows <A +HREF="smbd.8.html" +TARGET="_top" +>smbd</A +> to create the required UNIX users + <EM +>ON DEMAND</EM +> when a user accesses the Samba server.</P +><P +>In order to use this option, <A +HREF="smbd.8.html" +TARGET="_top" +>smbd</A +> + must be set to <TT +CLASS="PARAMETER" +><I +>security=server</I +></TT +> or <TT +CLASS="PARAMETER" +><I +> security=domain</I +></TT +> and <TT +CLASS="PARAMETER" +><I +>add user script</I +></TT +> + must be set to a full pathname for a script that will create a UNIX + user given one argument of <TT +CLASS="PARAMETER" +><I +>%u</I +></TT +>, which expands into + the UNIX user name to create.</P +><P +>When the Windows user attempts to access the Samba server, + at login (session setup in the SMB protocol) time, <A +HREF="smbd.8.html" +TARGET="_top" +> smbd</A +> contacts the <TT +CLASS="PARAMETER" +><I +>password server</I +></TT +> and + attempts to authenticate the given user with the given password. If the + authentication succeeds then <B +CLASS="COMMAND" +>smbd</B +> + attempts to find a UNIX user in the UNIX password database to map the + Windows user into. If this lookup fails, and <TT +CLASS="PARAMETER" +><I +>add user script + </I +></TT +> is set then <B +CLASS="COMMAND" +>smbd</B +> will + call the specified script <EM +>AS ROOT</EM +>, expanding + any <TT +CLASS="PARAMETER" +><I +>%u</I +></TT +> argument to be the user name to create.</P +><P +>If this script successfully creates the user then <B +CLASS="COMMAND" +>smbd + </B +> will continue on as though the UNIX user + already existed. In this way, UNIX users are dynamically created to + match existing Windows NT accounts.</P +><P +>See also <A +HREF="#SECURITY" +><TT +CLASS="PARAMETER" +><I +> security</I +></TT +></A +>, <A +HREF="#PASSWORDSERVER" +> <TT +CLASS="PARAMETER" +><I +>password server</I +></TT +></A +>, + <A +HREF="#DELETEUSERSCRIPT" +><TT +CLASS="PARAMETER" +><I +>delete user + script</I +></TT +></A +>.</P +><P +>Default: <B +CLASS="COMMAND" +>add user script = <empty string> + </B +></P +><P +>Example: <B +CLASS="COMMAND" +>add user script = /usr/local/samba/bin/add_user + %u</B +></P +></DD +><DT +><A NAME="ADMINUSERS" ></A >admin users (S)</DT @@ -5061,6 +5119,15 @@ CLASS="COMMAND" ></DD ><DT ><A +NAME="CHANGESHARECOMMAND" +></A +>change share command (G)</DT +><DD +><P +> </P +></DD +><DT +><A NAME="CHARACTERSET" ></A >character set (G)</DT @@ -6040,6 +6107,102 @@ CLASS="PROGRAMLISTING" ></DD ><DT ><A +NAME="DELETEPRINTERCOMMAND" +></A +>delete printer command (G)</DT +><DD +><P +>With the introduction of MS-RPC based printer + support for Windows NT/2000 clients in Samba 2.2, it is now + possible to delete printer at run time by issuing the + DeletePrinter() RPC call.</P +><P +>For a Samba host this means that the printer must be + physically deleted from underlying printing system. The <TT +CLASS="PARAMETER" +><I +> deleteprinter command</I +></TT +> defines a script to be run which + will perform the necessary operations for removing the printer + from the print system and from <TT +CLASS="FILENAME" +>smb.conf</TT +>. + </P +><P +>The <TT +CLASS="PARAMETER" +><I +>delete printer command</I +></TT +> is + automatically called with only one parameter: <TT +CLASS="PARAMETER" +><I +> "printer name"</I +></TT +>.</P +><P +>Once the <TT +CLASS="PARAMETER" +><I +>delete printer command</I +></TT +> has + been executed, <B +CLASS="COMMAND" +>smbd</B +> will reparse the <TT +CLASS="FILENAME" +> smb.conf</TT +> to associated printer no longer exists. + If the sharename is still valid, then <B +CLASS="COMMAND" +>smbd + </B +> will return an ACCESS_DENIED error to the client.</P +><P +>See also <A +HREF="#ADDPRINTERCOMMAND" +><TT +CLASS="PARAMETER" +><I +> add printer command</I +></TT +></A +>, <A +HREF="#PRINTING" +><TT +CLASS="PARAMETER" +><I +>printing</I +></TT +></A +>, + <A +HREF="#SHOWADDPRINTERWIZARD" +><TT +CLASS="PARAMETER" +><I +>show add + printer wizard</I +></TT +></A +></P +><P +>Default: <EM +>none</EM +></P +><P +>Example: <B +CLASS="COMMAND" +>deleteprinter command = /usr/bin/removeprinter + </B +></P +></DD +><DT +><A NAME="DELETEREADONLY" ></A >delete readonly (S)</DT @@ -6059,6 +6222,15 @@ CLASS="COMMAND" ></DD ><DT ><A +NAME="DELETESHARECOMMAND" +></A +>delete share command (G)</DT +><DD +><P +> </P +></DD +><DT +><A NAME="DELETEUSERSCRIPT" ></A >delete user script (G)</DT @@ -6232,102 +6404,6 @@ CLASS="COMMAND" ></DD ><DT ><A -NAME="DELETEPRINTERCOMMAND" -></A ->deleteprinter command (G)</DT -><DD -><P ->With the introduction of MS-RPC based printer - support for Windows NT/2000 clients in Samba 2.2, it is now - possible to delete printer at run time by issuing the - DeletePrinter() RPC call.</P -><P ->For a Samba host this means that the printer must be - physically deleted from underlying printing system. The <TT -CLASS="PARAMETER" -><I -> deleteprinter command</I -></TT -> defines a script to be run which - will perform the necessary operations for removing the printer - from the print system and from <TT -CLASS="FILENAME" ->smb.conf</TT ->. - </P -><P ->The <TT -CLASS="PARAMETER" -><I ->deleteprinter command</I -></TT -> is - automatically called with only one parameter: <TT -CLASS="PARAMETER" -><I -> "printer name"</I -></TT ->.</P -><P ->Once the <TT -CLASS="PARAMETER" -><I ->deleteprinter command</I -></TT -> has - been executed, <B -CLASS="COMMAND" ->smbd</B -> will reparse the <TT -CLASS="FILENAME" -> smb.conf</TT -> to associated printer no longer exists. - If the sharename is still valid, then <B -CLASS="COMMAND" ->smbd - </B -> will return an ACCESS_DENIED error to the client.</P -><P ->See also <A -HREF="#ADDPRINTERCOMMAND" -><TT -CLASS="PARAMETER" -><I -> addprinter command</I -></TT -></A ->, <A -HREF="#PRINTING" -><TT -CLASS="PARAMETER" -><I ->printing</I -></TT -></A ->, - <A -HREF="#SHOWADDPRINTERWIZARD" -><TT -CLASS="PARAMETER" -><I ->show add - printer wizard</I -></TT -></A -></P -><P ->Default: <EM ->none</EM -></P -><P ->Example: <B -CLASS="COMMAND" ->deleteprinter command = /usr/bin/removeprinter - </B -></P -></DD -><DT -><A NAME="DELETEVETOFILES" ></A >delete veto files (S)</DT @@ -11634,6 +11710,36 @@ CLASS="COMMAND" ></DD ><DT ><A +NAME="OBEYPAMRESTRICTIONS" +></A +>obey pam restrictions (G)</DT +><DD +><P +>When Samba 2.2 is configure to enable PAM support + (i.e. --with-pam), this parameter will control whether or not Samba + should obey PAM's account and session management directives. The + default behavior is to use PAM for clear text authentication only + and to ignore any account or session management. Note that Samba + always ignores PAM for authentication in the case of <A +HREF="#ENCRYPTPASSWORDS" +><TT +CLASS="PARAMETER" +><I +>encrypt passwords = yes</I +></TT +> + </A +>. The reason is that PAM modules cannot support the challenge/response + authentication mechanism needed in the presence of SMB password encryption. + </P +><P +>Default: <B +CLASS="COMMAND" +>obey pam restrictions = no</B +></P +></DD +><DT +><A NAME="ONLYUSER" ></A >only user (S)</DT @@ -11694,30 +11800,6 @@ CLASS="COMMAND" ></DD ><DT ><A -NAME="OLELOCKINGCOMPATIBILITY" -></A ->ole locking compatibility (G)</DT -><DD -><P ->This parameter allows an administrator to turn - off the byte range lock manipulation that is done within Samba to - give compatibility for OLE applications. Windows OLE applications - use byte range locking as a form of inter-process communication, by - locking ranges of bytes around the 2^32 region of a file range. This - can cause certain UNIX lock managers to crash or otherwise cause - problems. Setting this parameter to <TT -CLASS="CONSTANT" ->no</TT -> means you - trust your UNIX lock manager to handle such cases correctly.</P -><P ->Default: <B -CLASS="COMMAND" ->ole locking compatibility = yes</B -></P -></DD -><DT -><A NAME="ONLYGUEST" ></A >only guest (S)</DT @@ -17781,7 +17863,7 @@ CLASS="COMMAND" ><DIV CLASS="REFSECT1" ><A -NAME="AEN5643" +NAME="AEN5675" ></A ><H2 >WARNINGS</H2 @@ -17811,7 +17893,7 @@ TARGET="_top" ><DIV CLASS="REFSECT1" ><A -NAME="AEN5649" +NAME="AEN5681" ></A ><H2 >VERSION</H2 @@ -17822,7 +17904,7 @@ NAME="AEN5649" ><DIV CLASS="REFSECT1" ><A -NAME="AEN5652" +NAME="AEN5684" ></A ><H2 >SEE ALSO</H2 @@ -17901,7 +17983,7 @@ CLASS="COMMAND" ><DIV CLASS="REFSECT1" ><A -NAME="AEN5672" +NAME="AEN5704" ></A ><H2 >AUTHOR</H2 |