diff options
Diffstat (limited to 'docs/htmldocs/smb.conf.5.html')
| -rw-r--r-- | docs/htmldocs/smb.conf.5.html | 259 |
1 files changed, 221 insertions, 38 deletions
diff --git a/docs/htmldocs/smb.conf.5.html b/docs/htmldocs/smb.conf.5.html index 5663fa89446..2d7358330f4 100644 --- a/docs/htmldocs/smb.conf.5.html +++ b/docs/htmldocs/smb.conf.5.html @@ -590,6 +590,9 @@ CLASS="VARIABLELIST" >the NetBIOS name of the server. This allows you to change your config based on what the client calls you. Your server can have a "dual personality".</P +><P +>Note that this paramater is not available when Samba listens + on port 445, as clients no longer send this information </P ></DD ><DT >%M</DT @@ -686,7 +689,7 @@ CLASS="REPLACEABLE" ><DIV CLASS="REFSECT1" ><A -NAME="AEN202" +NAME="AEN203" ></A ><H2 >NAME MANGLING</H2 @@ -709,6 +712,23 @@ NAME="AEN202" CLASS="VARIABLELIST" ><DL ><DT +>mangling method</DT +><DD +><P +> controls the algorithm used for the generating + the mangled names. Can take two different values, "hash" and + "hash2". "hash" is the default and is the algorithm that has been + used in Samba for many years. "hash2" is a newer and considered + a better algorithm (generates less collisions) in the names. + However, many Win32 applications store the + mangled names and so changing to the new algorithm must not be done + lightly as these applications may break unless reinstalled. + New installations of Samba may set the default to hash2. + Default <EM +>hash</EM +>.</P +></DD +><DT >mangle case = yes/no</DT ><DD ><P @@ -771,7 +791,7 @@ CLASS="VARIABLELIST" ><DIV CLASS="REFSECT1" ><A -NAME="AEN235" +NAME="AEN241" ></A ><H2 >NOTE ABOUT USERNAME/PASSWORD VALIDATION</H2 @@ -849,7 +869,7 @@ CLASS="FILENAME" ><DIV CLASS="REFSECT1" ><A -NAME="AEN254" +NAME="AEN260" ></A ><H2 >COMPLETE LIST OF GLOBAL PARAMETERS</H2 @@ -1726,6 +1746,18 @@ CLASS="PARAMETER" ><LI ><P ><A +HREF="#MANGLINGMETHOD" +><TT +CLASS="PARAMETER" +><I +>mangling method</I +></TT +></A +></P +></LI +><LI +><P +><A HREF="#MAPTOGUEST" ><TT CLASS="PARAMETER" @@ -3036,7 +3068,7 @@ CLASS="PARAMETER" ><DIV CLASS="REFSECT1" ><A -NAME="AEN982" +NAME="AEN992" ></A ><H2 >COMPLETE LIST OF SERVICE PARAMETERS</H2 @@ -3469,6 +3501,18 @@ CLASS="PARAMETER" ><LI ><P ><A +HREF="#FORCEUNKNOWNACLUSER" +><TT +CLASS="PARAMETER" +><I +>force unknown acl user</I +></TT +></A +></P +></LI +><LI +><P +><A HREF="#FORCEUSER" ><TT CLASS="PARAMETER" @@ -4515,7 +4559,7 @@ CLASS="PARAMETER" ><DIV CLASS="REFSECT1" ><A -NAME="AEN1474" +NAME="AEN1488" ></A ><H2 >EXPLANATION OF EACH PARAMETER</H2 @@ -5107,7 +5151,7 @@ NAME="ANNOUNCEVERSION" ><P >This specifies the major and minor version numbers that nmbd will use when announcing itself as a server. The default - is 4.2. Do not change this parameter unless you have a specific + is 4.5. Do not change this parameter unless you have a specific need to set a Samba server to be a downlevel server.</P ><P >Default: <B @@ -5480,7 +5524,7 @@ NAME="CASESENSITIVE" ><DD ><P >See the discussion in the section <A -HREF="#AEN202" +HREF="#AEN203" >NAME MANGLING</A >.</P ><P @@ -6609,7 +6653,7 @@ NAME="DEFAULTCASE" ><DD ><P >See the section on <A -HREF="#AEN202" +HREF="#AEN203" > NAME MANGLING</A >. Also note the <A HREF="#SHORTPRESERVECASE" @@ -8563,6 +8607,49 @@ CLASS="COMMAND" ></DD ><DT ><A +NAME="FORCEUNKNOWNACLUSER" +></A +>force unknown acl user (S)</DT +><DD +><P +>If this parameter is set, a Windows NT ACL that contains + an unknown SID (security descriptor, or representation of a user or group id) + as the owner or group owner of the file will be silently mapped into the + current UNIX uid or gid of the currently connected user.</P +><P +>This is designed to allow Windows NT clients to copy files and + folders containing ACLs that were created locally on the client machine + and contain users local to that machine only (no domain users) to be + copied to a Samba server (usually with XCOPY /O) and have the unknown + userid and groupid of the file owner map to the current connected user. + This can only be fixed correctly when winbindd allows arbitrary mapping + from any Windows NT SID to a UNIX uid or gid.</P +><P +>Try using this parameter when XCOPY /O gives an ACCESS_DENIED error. + </P +><P +>See also <A +HREF="#FORCEGROUP" +><TT +CLASS="PARAMETER" +><I +>force group + </I +></TT +></A +></P +><P +>Default: <EM +>False</EM +></P +><P +>Example: <B +CLASS="COMMAND" +>force unknown acl user = yes</B +></P +></DD +><DT +><A NAME="FORCEUSER" ></A >force user (S)</DT @@ -9881,7 +9968,12 @@ HREF="#LDAPSSL" ><P >Default : <B CLASS="COMMAND" ->ldap port = 636</B +>ldap port = 636 ; if ldap ssl = on</B +></P +><P +>Default : <B +CLASS="COMMAND" +>ldap port = 389 ; if ldap ssl = off</B ></P ></DD ><DT @@ -11304,7 +11396,7 @@ NAME="MANGLECASE" ><DD ><P >See the section on <A -HREF="#AEN202" +HREF="#AEN203" > NAME MANGLING</A ></P ><P @@ -11376,11 +11468,11 @@ NAME="MANGLEDNAMES" or whether non-DOS names should simply be ignored.</P ><P >See the section on <A -HREF="#AEN202" +HREF="#AEN203" > NAME MANGLING</A > for details on how to control the mangling process.</P ><P ->If mangling is used then the mangling algorithm is as follows:</P +>If mangling algorithm "hash" is used then the mangling algorithm is as follows:</P ><P ></P ><UL @@ -11438,6 +11530,60 @@ CLASS="PARAMETER" in a directory share the same first five alphanumeric characters. The probability of such a clash is 1/1300.</P ><P +>If mangling algorithm "hash2" is used then the mangling algorithm is as follows:</P +><P +></P +><UL +><LI +><P +>The first alphanumeric character + before the rightmost dot of the filename is preserved, forced + to upper case, and appears as the first character of the mangled name. + </P +></LI +><LI +><P +>A base63 hash of 5 characters is generated and the + first 4 characters of that hash are appended to the first character. + </P +></LI +><LI +><P +>A tilde "~" is appended to the first part of the mangled + name, followed by the final character of the base36 hash of the name. + </P +><P +>Note that the character to use may be specified using + the <A +HREF="#MANGLINGCHAR" +><TT +CLASS="PARAMETER" +><I +>mangling char</I +></TT +> + </A +> option, if you don't like '~'.</P +></LI +><LI +><P +>The first three alphanumeric characters of the final + extension are preserved, forced to upper case and appear as the + extension of the mangled name. The final extension is defined as that + part of the original filename after the rightmost dot. If there are no + dots in the filename, the mangled name will have no extension (except + in the case of "hidden files" - see below).</P +></LI +><LI +><P +>Files whose UNIX name begins with a dot will be + presented as DOS hidden files. The mangled name will be created as + for other filenames, but with the leading dot removed and "___" as + its extension regardless of actual original extension (that's three + underscores).</P +></LI +></UL +><P >The name mangling (if enabled) allows a file to be copied between UNIX directories from Windows/DOS while retaining the long UNIX filename. UNIX files can be renamed to a new extension @@ -11497,7 +11643,7 @@ NAME="MANGLINGCHAR" the <EM >magic</EM > character in <A -HREF="#AEN202" +HREF="#AEN203" >name mangling</A >. The default is a '~' but this may interfere with some software. Use this option to set @@ -11515,6 +11661,33 @@ CLASS="COMMAND" ></DD ><DT ><A +NAME="MANGLINGMETHOD" +></A +>mangling mathod(G)</DT +><DD +><P +> controls the algorithm used for the generating + the mangled names. Can take two different values, "hash" and + "hash2". "hash" is the default and is the algorithm that has been + used in Samba for many years. "hash2" is a newer and considered + a better algorithm (generates less collisions) in the names. + However, many Win32 applications store the mangled names and so + changing to the new algorithm must not be done + lightly as these applications may break unless reinstalled. + New installations of Samba may set the default to hash2.</P +><P +>Default: <B +CLASS="COMMAND" +>mangling method = hash</B +></P +><P +>Example: <B +CLASS="COMMAND" +>mangling method = hash2</B +></P +></DD +><DT +><A NAME="MAPARCHIVE" ></A >map archive (S)</DT @@ -14227,7 +14400,7 @@ CLASS="COMMAND" ></P ><P >See the section on <A -HREF="#AEN202" +HREF="#AEN203" >NAME MANGLING</A > for a fuller discussion.</P @@ -15869,7 +16042,7 @@ CLASS="PARAMETER" be used in granting access.</P ><P >See also the section <A -HREF="#AEN235" +HREF="#AEN241" > NOTE ABOUT USERNAME/PASSWORD VALIDATION</A >.</P ><P @@ -15950,7 +16123,7 @@ CLASS="PARAMETER" > parameter for details on doing this.</P ><P >See also the section <A -HREF="#AEN235" +HREF="#AEN241" > NOTE ABOUT USERNAME/PASSWORD VALIDATION</A >.</P ><P @@ -16026,7 +16199,7 @@ CLASS="PARAMETER" > parameter for details on doing this.</P ><P >See also the section <A -HREF="#AEN235" +HREF="#AEN241" > NOTE ABOUT USERNAME/PASSWORD VALIDATION</A >.</P ><P @@ -16141,7 +16314,7 @@ CLASS="COMMAND" Domain Controller. This issue will be addressed in a future release.</P ><P >See also the section <A -HREF="#AEN235" +HREF="#AEN241" > NOTE ABOUT USERNAME/PASSWORD VALIDATION</A >.</P ><P @@ -16405,7 +16578,7 @@ CLASS="COMMAND" names are lowered. </P ><P >See the section on <A -HREF="#AEN202" +HREF="#AEN203" > NAME MANGLING</A >.</P ><P @@ -17497,9 +17670,11 @@ NAME="STRIPDOT" >strip dot (G)</DT ><DD ><P ->This is a boolean that controls whether to - strip trailing dots off UNIX filenames. This helps with some - CDROMs that have filenames ending in a single dot.</P +>This parameter is now unused in Samba (2.2.5 and above). + It used strip trailing dots off UNIX filenames but was not correctly implmented. + In Samba 2.2.5 and above UNIX filenames ending in a dot are invalid Windows long + filenames (as they are in Windows NT and above) and are mangled to 8.3 before + being returned to a client.</P ><P >Default: <B CLASS="COMMAND" @@ -18114,7 +18289,7 @@ CLASS="PARAMETER" search.</P ><P >See the section <A -HREF="#AEN235" +HREF="#AEN241" >NOTE ABOUT USERNAME/PASSWORD VALIDATION</A > for more information on how @@ -19019,24 +19194,32 @@ CLASS="COMMAND" ></P ></DD ><DT -><A +>winbind use default domain, <A NAME="WINBINDUSEDEFAULTDOMAIN" ></A ->winbind use default domain (G)</DT +>winbind use default domain</DT ><DD ><P ->This option controls whether or not smbd - should lookup 'username' as 'DOMAIN\username' when winbindd is - running on a system. This is most useful when used in conjunction - with pam_winbind.so to prevent a Windows user from having to enter - commands like "ssh 'DOMAIN\username@hostname'". This option is disabled - by default, thus requiring that the DOMAIN\username format be used.</P +>This parameter specifies whether the <A +HREF="winbindd.8.html" +TARGET="_top" +> winbindd(8)</A +> + daemon should operate on users without domain component in their username. + Users without a domain component are treated as is part of the winbindd server's + own domain. While this does not benifit Windows users, it makes SSH, FTP and e-mail + function in a way much closer to the way they would in a native unix system.</P ><P >Default: <B CLASS="COMMAND" ->winbind use default domain = no</B -> - </P +>winbind use default domain = <falseg> + </B +></P +><P +>Example: <B +CLASS="COMMAND" +>winbind use default domain = true</B +></P ></DD ><DT ><A @@ -19407,7 +19590,7 @@ CLASS="COMMAND" ><DIV CLASS="REFSECT1" ><A -NAME="AEN6134" +NAME="AEN6192" ></A ><H2 >WARNINGS</H2 @@ -19437,7 +19620,7 @@ TARGET="_top" ><DIV CLASS="REFSECT1" ><A -NAME="AEN6140" +NAME="AEN6198" ></A ><H2 >VERSION</H2 @@ -19448,7 +19631,7 @@ NAME="AEN6140" ><DIV CLASS="REFSECT1" ><A -NAME="AEN6143" +NAME="AEN6201" ></A ><H2 >SEE ALSO</H2 @@ -19527,7 +19710,7 @@ CLASS="COMMAND" ><DIV CLASS="REFSECT1" ><A -NAME="AEN6163" +NAME="AEN6221" ></A ><H2 >AUTHOR</H2 |