1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

Formatting and other fixes to man pages.

(This used to be commit 411025ed0d)
This commit is contained in:
John Terpstra 2005-08-25 16:49:40 +00:00 committed by Gerald W. Carter
parent cf596ff9a0
commit 6c2e58987b
89 changed files with 690 additions and 654 deletions

View File

@ -1788,7 +1788,7 @@ hosts: wins
</screen>
The next step is to make certain that Samba is running using <command>ps ax | grep mbd</command>.
The <command>nmbd</command> daemon will provide the WINS name resolution service when the
&smmb.conf; file <smbconfsection>[global]</smbconfsection> parameter <smbconfoption name="wins
&smb.conf; file <smbconfsection>[global]</smbconfsection> parameter <smbconfoption name="wins
support">Yes</smbconfoption> has been specified. Having validated that Samba is operational,
excute the following:
<screen>

View File

@ -1,84 +0,0 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
<refentry id="editreg.1">
<refmeta>
<refentrytitle>editreg</refentrytitle>
<manvolnum>1</manvolnum>
</refmeta>
<refnamediv>
<refname>editreg</refname>
<refpurpose>A utility for printing and editing NT4 registry files
</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>editreg</command>
<arg choice="opt">-v</arg>
<arg choice="opt">-c file</arg>
<arg choice="req">file</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
<manvolnum>7</manvolnum></citerefentry> suite.</para>
<para><command>editreg</command> is a utility that
can visualize windows registry files (currently only NT4) and apply
so-called commandfiles to them.
</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<variablelist>
<varlistentry>
<term>registry_file</term>
<listitem><para>Registry file to view or edit. </para></listitem>
</varlistentry>
<varlistentry>
<term>-v,--verbose</term>
<listitem><para>Increases verbosity of messages.
</para></listitem>
</varlistentry>
<varlistentry>
<term>-c commandfile</term>
<listitem><para>Read commands to execute on <filename>registry_file</filename> from <filename>commandfile</filename>. Currently not yet supported!
</para></listitem>
</varlistentry>
&stdarg.help;
</variablelist>
</refsect1>
<refsect1>
<title>VERSION</title>
<para>This man page is correct for version 3.0 of the Samba
suite.</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>The original Samba software and related utilities
were created by Andrew Tridgell. Samba is now developed
by the Samba Team as an Open Source project similar
to the way the Linux kernel is developed.</para>
<para>The editreg man page was written by Jelmer Vernooij. </para>
</refsect1>
</refentry>

View File

@ -94,7 +94,7 @@
without <constant>-r</constant> option set would yield output similar
to the following</para>
<screen>
<programlisting>
IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
---------------------------------------------------------------------
192.168.35.10 MINESET-TEST1 [DMVENGR]
@ -107,7 +107,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
192.168.35.88 SCNT2 +[MVENGR] [Windows NT 4.0] [NT LAN Manager 4.0]
192.168.35.93 FROGSTAR-PC [MVENGR] [Windows 5.0] [Windows 2000 LAN Manager]
192.168.35.97 HERBNT1 *[HERB-NT] [Windows NT 4.0] [NT LAN Manager 4.0]
</screen>
</programlisting>
</refsect1>

View File

@ -53,16 +53,16 @@
</listitem>
</itemizedlist>
<para>An example follows:</para>
<programlisting>
<para>An example follows:
<programlisting>
#
# Sample Samba lmhosts file.
#
192.9.200.1 TESTPC
192.9.200.20 NTSERVER#20
192.9.200.21 SAMBASERVER
</programlisting>
</programlisting>
</para>
<para>Contains three IP to NetBIOS name mappings. The first
and third will be returned for any queries for the names "TESTPC"

View File

@ -86,15 +86,15 @@
<para>Extract all network traffic from all samba log files:</para>
<para><screen>
<para><programlisting>
<prompt>$</prompt> log2pcap &lt; /var/log/* &gt; trace.pcap
</screen></para>
</programlisting></para>
<para>Convert to pcap using text2pcap:</para>
<para><screen>
<para><programlisting>
<prompt>$</prompt> log2pcap -h samba.log | text2pcap -T 139,139 - trace.pcap
</screen></para>
</programlisting></para>
</refsect1>
<refsect1>

View File

@ -620,10 +620,10 @@ Parameters take the for "parameter=value". Common options include:</para>
<para>
Add a new group mapping entry:
<screen>
<programlisting>
net groupmap add {rid=int|sid=string} unixgroup=string \
[type={domain|local}] [ntgroup=string] [comment=string]
</screen>
</programlisting>
</para>
</refsect3>
@ -643,10 +643,10 @@ net groupmap add {rid=int|sid=string} unixgroup=string \
<para>Update en existing group entry</para>
<para>
<screen>
<programlisting>
net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \
[comment=string] [type={domain|local}]
</screen>
</programlisting>
</para>
</refsect3>

View File

@ -70,10 +70,10 @@
This option prints a list of user/uid pairs separated by
the ':' character.</para>
<para>Example: <command>pdbedit -L</command></para>
<para><screen>
<para><programlisting>
sorce:500:Simo Sorce
samba:45:Test User
</screen></para>
</programlisting></para>
</listitem>
</varlistentry>
@ -86,7 +86,7 @@ samba:45:Test User
out the account fields in a descriptive format.</para>
<para>Example: <command>pdbedit -L -v</command></para>
<para><screen>
<para><programlisting>
---------------
username: sorce
user ID/Group: 500/500
@ -105,7 +105,7 @@ Home Directory: \\BERSERKER\samba
HomeDir Drive:
Logon Script:
Profile Path: \\BERSERKER\profile
</screen></para>
</programlisting></para>
</listitem>
</varlistentry>
@ -121,14 +121,14 @@ Profile Path: \\BERSERKER\profile
<manvolnum>5</manvolnum></citerefentry> for details)</para>
<para>Example: <command>pdbedit -L -w</command></para>
<screen>
<programlisting>
sorce:500:508818B733CE64BEAAD3B435B51404EE:
D2A2418EFC466A8A0F6B1DBB5C3DB80C:
[UX ]:LCT-00000000:
samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:
BC281CE3F53B6A5146629CD4751D3490:
[UX ]:LCT-3BFA1E8D:
</screen>
</programlisting>
</listitem>
</varlistentry>

View File

@ -30,9 +30,9 @@
<para>
The file consists of sections and parameters. A section begins with the name of the section in square brackets
and continues until the next section begins. Sections contain parameters of the form:
<screen>
<programlisting>
<replaceable>name</replaceable> = <replaceable>value </replaceable>
</screen>
</programlisting>
</para>
<para>
@ -179,9 +179,9 @@
<para>
If you decide to use a <emphasis>path =</emphasis> line in your [homes] section, it may be useful
to use the %S macro. For example:
<screen>
<programlisting>
<userinput moreinfo="none">path = /data/pchome/%S</userinput>
</screen>
</programlisting>
is useful if you have different home directories for your PCs than for UNIX access.
</para>
@ -273,10 +273,10 @@
All aliases given for a printer in the printcap file are legitimate printer names as far as the server is concerned.
If your printing subsystem doesn't work like that, you will have to set up a pseudo-printcap. This is a file
consisting of one or more lines like this:
<screen>
<programlisting>
alias|alias|alias|alias...
</screen>
</para>
</programlisting>
</para>
<para>
Each alias should be an acceptable printer name for your printing subsystem. In the [global] section,

View File

@ -3,18 +3,20 @@
type="integer"
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If a Samba server is a member of a Windows
NT Domain (see the <smbconfoption name="security">domain</smbconfoption>
parameter) then periodically a running smbd
process will try and change the MACHINE ACCOUNT
PASSWORD stored in the TDB called <filename moreinfo="none">private/secrets.tdb
</filename>. This parameter specifies how often this password
will be changed, in seconds. The default is one week (expressed in
seconds), the same as a Windows NT Domain member server.</para>
<description>
<para>See also <citerefentry><refentrytitle>smbpasswd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>, and the <smbconfoption name="security">domain</smbconfoption> parameter.</para>
<para>
If a Samba server is a member of a Windows NT Domain (see the <smbconfoption
name="security">domain</smbconfoption> parameter) then periodically a running smbd process will try and change
the MACHINE ACCOUNT PASSWORD stored in the TDB called <filename moreinfo="none">private/secrets.tdb
</filename>. This parameter specifies how often this password will be changed, in seconds. The default is one
week (expressed in seconds), the same as a Windows NT Domain member server.
</para>
<para>
See also <citerefentry><refentrytitle>smbpasswd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>,
and the <smbconfoption name="security">domain</smbconfoption> parameter.
</para>
</description>
<value type="default">604800</value>

View File

@ -17,7 +17,7 @@
directories you might normally veto DOS/Windows users from seeing
(e.g. <filename moreinfo="none">.AppleDouble</filename>)</para>
<para>Setting <smbconfoption name="delete veto files">yes</smbconfoption> allows these
<para>Setting <smbconfoption name="delete veto files">yes</smbconfoption> allows these
directories to be transparently deleted when the parent directory
is deleted (so long as the user has permissions to do so).</para>
</description>

View File

@ -31,9 +31,9 @@
<para>
An example of us of this parameter is:
<screen>
<programlisting>
hide files = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
</screen>
</programlisting>
</para>
</description>

View File

@ -3,10 +3,12 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter prevents clients from seeing
special files such as sockets, devices and fifo's in directory
listings.
</para>
<para>
This parameter prevents clients from seeing special files such as sockets, devices and
fifo's in directory listings.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

View File

@ -3,10 +3,10 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter prevents clients from seeing
the existance of files that cannot be written to. Defaults to off.
Note that unwriteable directories are shown as usual.
</para>
<para>
This parameter prevents clients from seeing the existance of files that cannot be written to.
Defaults to off. Note that unwriteable directories are shown as usual.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

View File

@ -3,22 +3,29 @@
context="S"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is for those who want to directly map UNIX
file names which cannot be represented on Windows/DOS. The mangling
of names is not always what is needed. In particular you may have
<para>
This is for those who want to directly map UNIX file names which cannot be represented on
Windows/DOS. The mangling of names is not always what is needed. In particular you may have
documents with file extensions that differ between DOS and UNIX.
For example, under UNIX it is common to use <filename moreinfo="none">.html</filename>
for HTML files, whereas under Windows/DOS <filename moreinfo="none">.htm</filename>
is more commonly used.</para>
is more commonly used.
</para>
<para>So to map <filename moreinfo="none">html</filename> to <filename moreinfo="none">htm</filename>
you would use:</para>
<para>
So to map <filename moreinfo="none">html</filename> to <filename moreinfo="none">htm</filename>
you would use:
</para>
<para><smbconfoption name="mangled map">(*.html *.htm)</smbconfoption>.</para>
<para>
<smbconfoption name="mangled map">(*.html *.htm)</smbconfoption>.
</para>
<para>One very useful case is to remove the annoying <filename moreinfo="none">;1
</filename> off the ends of filenames on some CDROMs (only visible
under some UNIXes). To do this use a map of (*;1 *;).</para>
<para>
One very useful case is to remove the annoying <filename moreinfo="none">;1</filename> off
the ends of filenames on some CDROMs (only visible under some UNIXes). To do this use a map of
(*;1 *;).
</para>
</description>
<value type="default"><comment>no mangled map</comment></value>

View File

@ -7,7 +7,7 @@
should be mapped to DOS-compatible names (&quot;mangled&quot;) and made visible,
or whether non-DOS names should simply be ignored.</para>
<para>See the section on <smbconfoption name="name mangling"/> for
<para>See the section on <smbconfoption name="name mangling"/> for
details on how to control the mangling process.</para>
<para>If mangling is used then the mangling algorithm is as follows:</para>

View File

@ -3,16 +3,20 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This controls whether the DOS archive attribute
<para>
This controls whether the DOS archive attribute
should be mapped to the UNIX owner execute bit. The DOS archive bit
is set when a file has been modified since its last backup. One
motivation for this option it to keep Samba/your PC from making
any file it touches from becoming executable under UNIX. This can
be quite annoying for shared source code, documents, etc...</para>
be quite annoying for shared source code, documents, etc...
</para>
<para>Note that this requires the <smbconfoption name="create mask"/>
parameter to be set such that owner execute bit is not masked out
(i.e. it must include 100). See the parameter <smbconfoption name="create mask"/> for details.</para>
<para>
Note that this requires the <smbconfoption name="create mask"/> parameter to be set such that owner
execute bit is not masked out (i.e. it must include 100). See the parameter
<smbconfoption name="create mask"/> for details.
</para>
</description>
<value type="default">yes</value>

View File

@ -3,12 +3,15 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This controls whether DOS style hidden files
should be mapped to the UNIX world execute bit.</para>
<para>
This controls whether DOS style hidden files should be mapped to the UNIX world execute bit.
</para>
<para>Note that this requires the <smbconfoption name="create mask"/>
to be set such that the world execute bit is not masked out (i.e.
it must include 001). See the parameter <smbconfoption name="create mask"/> for details.</para>
<para>
Note that this requires the <smbconfoption name="create mask"/> to be set such that the world execute
bit is not masked out (i.e. it must include 001). See the parameter <smbconfoption name="create mask"/>
for details.
</para>
</description>
<value type="boolean">no</value>

View File

@ -3,13 +3,15 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This controls whether DOS style system files
should be mapped to the UNIX group execute bit.</para>
<para>
This controls whether DOS style system files should be mapped to the UNIX group execute bit.
</para>
<para>Note that this requires the <smbconfoption name="create mask"/>
to be set such that the group execute bit is not masked out (i.e.
it must include 010). See the parameter <smbconfoption name="create mask"/>
for details.</para>
</description>
<value type="default">no</value>
<para>
Note that this requires the <smbconfoption name="create mask"/> to be set such that the group
execute bit is not masked out (i.e. it must include 010). See the parameter
<smbconfoption name="create mask"/> for details.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

View File

@ -3,10 +3,14 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para> This controls if new filenames are created
with the case that the client passes, or if they are forced to
be the <smbconfoption name="default case"/>.</para>
<para>See the section on <link linkend="NAMEMANGLINGSECT">NAME MANGLING</link> for a fuller discussion.</para>
<para>
This controls if new filenames are created with the case that the client passes, or if
they are forced to be the <smbconfoption name="default case"/>.
</para>
<para>
See the section on <link linkend="NAMEMANGLINGSECT">NAME MANGLING</link> for a fuller discussion.
</para>
</description>
<value type="default">yes</value>

View File

@ -3,16 +3,16 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If this parameter is set Samba no longer attempts to
map DOS attributes like SYSTEM, HIDDEN, ARCHIVE or READ-ONLY
to UNIX permission bits (such as the <smbconfoption name="map hidden"/>. Instead, DOS attributes will be stored onto an extended
attribute in the UNIX filesystem, associated with the file or directory.
For this to operate correctly, the parameters <smbconfoption name="map hidden"/>, <smbconfoption name="map system"/>, <smbconfoption name="map archive"/> must be set to off.
This parameter writes the DOS attributes as a string into the
extended attribute named "user.DOSATTRIB". This extended attribute
is explicitly hidden from smbd clients requesting an EA list.
On Linux the filesystem must have been mounted with the mount
option user_xattr in order for extended attributes to work, also
<para>
If this parameter is set Samba no longer attempts to map DOS attributes like SYSTEM, HIDDEN,
ARCHIVE or READ-ONLY to UNIX permission bits (such as the <smbconfoption name="map hidden"/>.
Instead, DOS attributes will be stored onto an extended attribute in the UNIX filesystem,
associated with the file or directory. For this to operate correctly, the parameters
<smbconfoption name="map hidden"/>, <smbconfoption name="map system"/>,
<smbconfoption name="map archive"/> must be set to off. This parameter writes the DOS
attributes as a string into the extended attribute named "user.DOSATTRIB". This extended attribute
is explicitly hidden from smbd clients requesting an EA list.i On Linux the filesystem must have
been mounted with the mount option user_xattr in order for extended attributes to work, also
extended attributes must be compiled into the Linux kernel.
</para>
</description>

View File

@ -3,34 +3,36 @@
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is a list of files and directories that
are neither visible nor accessible. Each entry in the list must
be separated by a '/', which allows spaces to be included
in the entry. '*' and '?' can be used to specify multiple files
or directories as in DOS wildcards.</para>
<para>
This is a list of files and directories that are neither visible nor accessible. Each entry in
the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?'
can be used to specify multiple files or directories as in DOS wildcards.
</para>
<para>Each entry must be a unix path, not a DOS path and
must <emphasis>not</emphasis> include the unix directory
separator '/'.</para>
<para>
Each entry must be a unix path, not a DOS path and must <emphasis>not</emphasis> include the
unix directory separator '/'.
</para>
<para>Note that the <smbconfoption name="case sensitive"/> option
is applicable in vetoing files.</para>
<para>
Note that the <smbconfoption name="case sensitive"/> option is applicable in vetoing files.
</para>
<para>One feature of the veto files parameter that it
is important to be aware of is Samba's behaviour when
trying to delete a directory. If a directory that is
to be deleted contains nothing but veto files this
deletion will <emphasis>fail</emphasis> unless you also set
the <smbconfoption name="delete veto files"/> parameter to
<parameter moreinfo="none">yes</parameter>.</para>
<para>
One feature of the veto files parameter that it is important to be aware of is Samba's behaviour when
trying to delete a directory. If a directory that is to be deleted contains nothing but veto files this
deletion will <emphasis>fail</emphasis> unless you also set the <smbconfoption name="delete veto files"/>
parameter to <parameter moreinfo="none">yes</parameter>.
</para>
<para>Setting this parameter will affect the performance
of Samba, as it will be forced to check all files and directories
for a match as they are scanned.</para>
<para>
Setting this parameter will affect the performance of Samba, as it will be forced to check all files
and directories for a match as they are scanned.
</para>
<para>
Examples of use include:
<screen>
<programlisting>
; Veto any files containing the word Security,
; any ending in .tmp, and any directory containing the
; word root.
@ -39,7 +41,7 @@ veto files = /*Security*/*.tmp/*root*/
; Veto the Apple specific files that a NetAtalk server
; creates.
veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
</screen>
</programlisting>
</para>
</description>

View File

@ -3,28 +3,29 @@
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter is only valid when the
<smbconfoption name="oplocks"/>
<para>
This parameter is only valid when the <smbconfoption name="oplocks"/>
parameter is turned on for a share. It allows the Samba administrator
to selectively turn off the granting of oplocks on selected files that
match a wildcarded list, similar to the wildcarded list used in the
<smbconfoption name="veto files"/>
parameter.</para>
<smbconfoption name="veto files"/> parameter.
</para>
<para>You might want to do this on files that you know will
be heavily contended for by clients. A good example of this
is in the NetBench SMB benchmark program, which causes heavy
client contention for files ending in <filename moreinfo="none">.SEM</filename>.
To cause Samba not to grant oplocks on these files you would use
the line (either in the [global] section or in the section for
the particular NetBench share :</para>
<para>
You might want to do this on files that you know will be heavily contended
for by clients. A good example of this is in the NetBench SMB benchmark
program, which causes heavy client contention for files ending in
<filename moreinfo="none">.SEM</filename>. To cause Samba not to grant
oplocks on these files you would use the line (either in the [global]
section or in the section for the particular NetBench share.
</para>
<para>
An example of use is:
<screen>
<programlisting>
veto oplock files = /.*SEM/
</screen>
</programlisting>
</para>
</description>
<value type="default"><comment>No files are vetoed for oplock grants</comment></value>

View File

@ -7,7 +7,7 @@
<para> This parameter specifies whether a delete
operation in the ldapsam deletes the complete entry or only the attributes
specific to Samba.
</para>
</para>
</description>
<value type="default">no</value>

View File

@ -4,11 +4,11 @@
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameters specifies the suffix that is
used when storing idmap mappings. If this parameter
is unset, the value of <smbconfoption name="ldap suffix"/>
will be used instead. The suffix string is pre-pended to the
<smbconfoption name="ldap suffix"/> string so use a partial DN.</para>
<para>
This parameters specifies the suffix that is used when storing idmap mappings. If this parameter
is unset, the value of <smbconfoption name="ldap suffix"/> will be used instead. The suffix
string is pre-pended to the <smbconfoption name="ldap suffix"/> string so use a partial DN.
</para>
</description>
<value type="default"></value>
<value type="example">ou=Idmap</value>

View File

@ -3,13 +3,15 @@
context="G"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter is only available if Samba has been
configure to include the <command moreinfo="none">--with-ldapsam</command> option
at compile time.</para>
<para>
This parameter is only available if Samba has been configure to include the
<command moreinfo="none">--with-ldapsam</command> option at compile time.
</para>
<para>This option is used to control the tcp port number used to contact
the <smbconfoption name="ldap server"/>.
The default is to use the stand LDAPS port 636.</para>
<para>
This option is used to control the tcp port number used to contact the
<smbconfoption name="ldap server"/>. The default is to use the stand LDAPS port 636.
</para>
</description>
<related>ldap ssl</related>
<value type="default">636<comment>if ldap ssl = on</comment></value>

View File

@ -4,20 +4,22 @@
type="integer"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>When Samba is asked to write to a read-only LDAP
replica, we are redirected to talk to the read-write master server.
This server then replicates our changes back to the 'local' server,
however the replication might take some seconds, especially over slow
links. Certain client activities, particularly domain joins, can become
confused by the 'success' that does not immediately change the LDAP
back-end's data. </para>
<para>This option simply causes Samba to wait a short time, to
allow the LDAP server to catch up. If you have a particularly
high-latency network, you may wish to time the LDAP replication with a
network sniffer, and increase this value accordingly. Be aware that no
checking is performed that the data has actually replicated.</para>
<para>The value is specified in milliseconds, the maximum
value is 5000 (5 seconds).</para>
<para>
When Samba is asked to write to a read-only LDAP replica, we are redirected to talk to the read-write master server.
This server then replicates our changes back to the 'local' server, however the replication might take some seconds,
especially over slow links. Certain client activities, particularly domain joins, can become confused by the 'success'
that does not immediately change the LDAP back-end's data.
</para>
<para>
This option simply causes Samba to wait a short time, to allow the LDAP server to catch up. If you have a particularly
high-latency network, you may wish to time the LDAP replication with a network sniffer, and increase this value accordingly.
Be aware that no checking is performed that the data has actually replicated.
</para>
<para>
The value is specified in milliseconds, the maximum value is 5000 (5 seconds).
</para>
</description>
<value type="default">1000</value>
</samba:parameter>

View File

@ -4,12 +4,11 @@
type="integer"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>When Samba connects to an ldap server that server
may be down or unreachable. To prevent Samba from hanging whilst
waiting for the connection this parameter specifies in seconds how
long Samba should wait before failing the connect. The default is
to only wait fifteen seconds for the ldap server to respond to the
connect request.</para>
<para>
When Samba connects to an ldap server that servermay be down or unreachable. To prevent Samba from hanging whilst
waiting for the connection this parameter specifies in seconds how long Samba should wait before failing the
connect. The default is to only wait fifteen seconds for the ldap server to respond to the connect request.
</para>
</description>
<value type="default">15</value>
</samba:parameter>

View File

@ -4,10 +4,11 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter specifies where users are added to the tree.
If this parameter is unset, the value of <smbconfoption
name="ldap suffix"/> will be used instead. The suffix string is pre-pended to the
<smbconfoption name="ldap suffix"/> string so use a partial DN.</para>
<para>
This parameter specifies where users are added to the tree. If this parameter is unset,
the value of <smbconfoption name="ldap suffix"/> will be used instead. The suffix
string is pre-pended to the <smbconfoption name="ldap suffix"/> string so use a partial DN.
</para>
</description>
<value type="default"/>

View File

@ -3,15 +3,19 @@
type="enum"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This stands for <emphasis>client-side caching
policy</emphasis>, and specifies how clients capable of offline
caching will cache the files in the share. The valid values
are: manual, documents, programs, disable.</para>
<para>
This stands for <emphasis>client-side caching policy</emphasis>, and specifies how clients capable of offline
caching will cache the files in the share. The valid values are: manual, documents, programs, disable.
</para>
<para>These values correspond to those used on Windows servers.</para>
<para>
These values correspond to those used on Windows servers.
</para>
<para>For example, shares containing roaming profiles can have
offline caching disabled using <smbconfoption name="csc policy">disable</smbconfoption>.</para>
<para>
For example, shares containing roaming profiles can have offline caching disabled using
<smbconfoption name="csc policy">disable</smbconfoption>.
</para>
</description>
<value type="default">manual</value>
<value type="example">programs</value>

View File

@ -11,7 +11,7 @@
in case the lock could later be acquired. This behavior
is used to support PC database formats such as MS Access
and FoxPro.
</para>
</para>
</description>
<value type="default">3</value>
</samba:parameter>

View File

@ -3,16 +3,16 @@
type="integer"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is a tuning parameter added due to bugs in
both Windows 9x and WinNT. If Samba responds to a client too
quickly when that client issues an SMB that can cause an oplock
break request, then the network client can fail and not respond
to the break request. This tuning parameter (which is set in milliseconds)
is the amount of time Samba will wait before sending an oplock break
request to such (broken) clients.</para>
<para>
This is a tuning parameter added due to bugs in both Windows 9x and WinNT. If Samba responds to a client too
quickly when that client issues an SMB that can cause an oplock break request, then the network client can
fail and not respond to the break request. This tuning parameter (which is set in milliseconds) is the amount
of time Samba will wait before sending an oplock break request to such (broken) clients.
</para>
<warning><para>DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND
UNDERSTOOD THE SAMBA OPLOCK CODE.</para></warning>
</description>
<value type="default">0</value>
<warning><para>
DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE.
</para></warning>
</description>
<value type="default">0</value>
</samba:parameter>

View File

@ -3,20 +3,23 @@
type="integer"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is a <emphasis>very</emphasis> advanced
<citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> tuning option to
improve the efficiency of the granting of oplocks under multiple
client contention for the same file.</para>
<para>
This is a <emphasis>very</emphasis> advanced <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> tuning option to improve the efficiency of the
granting of oplocks under multiple client contention for the same file.
</para>
<para>In brief it specifies a number, which causes <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>not to grant an oplock even when requested
if the approximate number of clients contending for an oplock on the same file goes over this
<para>
In brief it specifies a number, which causes <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>not to grant an oplock even when requested if the
approximate number of clients contending for an oplock on the same file goes over this
limit. This causes <command moreinfo="none">smbd</command> to behave in a similar
way to Windows NT.</para>
way to Windows NT.
</para>
<warning><para>DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ
AND UNDERSTOOD THE SAMBA OPLOCK CODE.</para></warning>
<warning><para>
DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE.
</para></warning>
</description>
<value type="default">2</value>

View File

@ -3,22 +3,26 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This boolean option tells <command moreinfo="none">smbd</command> whether to
<para>
This boolean option tells <command moreinfo="none">smbd</command> whether to
issue oplocks (opportunistic locks) to file open requests on this
share. The oplock code can dramatically (approx. 30% or more) improve
the speed of access to files on Samba servers. It allows the clients
to aggressively cache files locally and you may want to disable this
option for unreliable network environments (it is turned on by
default in Windows NT Servers). For more information see the file
<filename moreinfo="none">Speed.txt</filename> in the Samba <filename moreinfo="none">docs/</filename>
directory.</para>
<filename moreinfo="none">Speed.txt</filename> in the Samba
<filename moreinfo="none">docs/</filename> directory.
</para>
<para>Oplocks may be selectively turned off on certain files with a
share. See the <smbconfoption name="veto oplock files"/> parameter. On some systems
<para>
Oplocks may be selectively turned off on certain files with a share. See
the <smbconfoption name="veto oplock files"/> parameter. On some systems
oplocks are recognized by the underlying operating system. This
allows data synchronization between all access to oplocked files,
whether it be via Samba or NFS or a local UNIX process. See the
<parameter moreinfo="none">kernel oplocks</parameter> parameter for details.</para>
<smbconfoption name="kernel oplocks"/> parameter for details.
</para>
</description>
<related>kernel oplocks</related>

View File

@ -3,14 +3,13 @@
context="S"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>The <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>
daemon maintains an database of file locks obtained by SMB clients.
The default behavior is to map this internal database to POSIX
locks. This means that file locks obtained by SMB clients are
consistent with those seen by POSIX compliant applications accessing
the files via a non-SMB method (e.g. NFS or local file access).
You should never need to disable this parameter.</para>
<para>
The <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
daemon maintains an database of file locks obtained by SMB clients. The default behavior is
to map this internal database to POSIX locks. This means that file locks obtained by SMB clients are
consistent with those seen by POSIX compliant applications accessing the files via a non-SMB
method (e.g. NFS or local file access). You should never need to disable this parameter.
</para>
</description>
<value type="default">yes</value>
</samba:parameter>

View File

@ -3,17 +3,20 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is a boolean that controls the handling of
file locking in the server. When this is set to <constant>yes</constant>,
the server will check every read and write access for file locks, and
deny access if locks exist. This can be slow on some systems.</para>
<para>
This is a boolean that controls the handling of file locking in the server. When this is set to <constant>yes</constant>,
the server will check every read and write access for file locks, and deny access if locks exist. This can be slow on
some systems.
</para>
<para>When strict locking is disabled, the server performs file
lock checks only when the client explicitly asks for them.</para>
<para>
When strict locking is disabled, the server performs file lock checks only when the client explicitly asks for them.
</para>
<para>Well-behaved clients always ask for lock checks when it
is important. So in the vast majority of cases, <command moreinfo="none">strict
locking = no</command> is acceptable.</para>
</description>
<value type="default">yes</value>
<para>
Well-behaved clients always ask for lock checks when it is important. So in the vast majority of cases,
<command moreinfo="none">strict locking = no</command> is acceptable.
</para>
</description>
<value type="default">yes</value>
</samba:parameter>

View File

@ -4,14 +4,14 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>Sometimes the timestamps in the log messages
are needed with a resolution of higher that seconds, this
boolean parameter adds microsecond resolution to the timestamp
message header when turned on.</para>
<para>
Sometimes the timestamps in the log messages are needed with a resolution of higher that seconds, this
boolean parameter adds microsecond resolution to the timestamp message header when turned on.
</para>
<para>
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an
effect.</para>
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an effect.
</para>
</description>
<value type="default">no</value>

View File

@ -4,15 +4,16 @@
developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>When using only one log file for more then one forked
<citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>-process there may be hard to
follow which process outputs which message. This boolean parameter
is adds the process-id to the timestamp message headers in the
logfile when turned on.</para>
<para>
When using only one log file for more then one forked <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>-process there may be hard to follow which process outputs which
message. This boolean parameter is adds the process-id to the timestamp message headers in the
logfile when turned on.
</para>
<para>Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an
effect.</para>
<para>
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an effect.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

View File

@ -3,12 +3,13 @@
type="boolean"
developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<synonym>timestamp logs</synonym>
<synonym>timestamp logs</synonym>
<description>
<para>Samba debug log messages are timestamped
by default. If you are running at a high <smbconfoption name="debug level"/> these timestamps
can be distracting. This boolean parameter allows timestamping
to be turned off.</para>
<para>
Samba debug log messages are timestamped by default. If you are running at a high
<smbconfoption name="debug level"/> these timestamps can be distracting. This
boolean parameter allows timestamping to be turned off.
</para>
</description>
<value type="default">yes</value>
</samba:parameter>

View File

@ -4,13 +4,14 @@
developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>Samba is sometimes run as root and sometime
run as the connected user, this boolean parameter inserts the
current euid, egid, uid and gid to the timestamp message headers
in the log file if turned on.</para>
<para>
Samba is sometimes run as root and sometime run as the connected user, this boolean parameter inserts the
current euid, egid, uid and gid to the timestamp message headers in the log file if turned on.
</para>
<para>Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an
effect.</para>
<para>
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an effect.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

View File

@ -4,11 +4,13 @@
developer="1" advanced="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This option allows you to override the name
of the Samba log file (also known as the debug file).</para>
<para>
This option allows you to override the name of the Samba log file (also known as the debug file).
</para>
<para>This option takes the standard substitutions, allowing
you to have separate log files for each user or machine.</para>
<para>
This option takes the standard substitutions, allowing you to have separate log files for each user or machine.
</para>
</description>
<value type="example">/usr/local/samba/var/log.%m</value>
</samba:parameter>

View File

@ -5,15 +5,16 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<synonym>debuglevel</synonym>
<description>
<para>The value of the parameter (a astring) allows
the debug level (logging level) to be specified in the
<filename moreinfo="none">smb.conf</filename> file. This parameter has been
extended since the 2.2.x series, now it allow to specify the debug
level for multiple debug classes. This is to give greater
flexibility in the configuration of the system.</para>
<para>
The value of the parameter (a astring) allows the debug level (logging level) to be specified in the
<filename moreinfo="none">smb.conf</filename> file. This parameter has been extended since the 2.2.x
series, now it allow to specify the debug level for multiple debug classes. This is to give greater
flexibility in the configuration of the system.
</para>
<para>The default will be the log level specified on
the command line or level zero if none was specified.</para>
<para>
The default will be the log level specified on the command line or level zero if none was specified.
</para>
</description>
<value type="example">3 passdb:5 auth:10 winbind:2</value>

View File

@ -4,12 +4,14 @@
developer="1" advanced="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This option (an integer in kilobytes) specifies
the max size the log file should grow to. Samba periodically checks
the size and if it is exceeded it will rename the file, adding
a <filename moreinfo="none">.old</filename> extension.</para>
<para>
This option (an integer in kilobytes) specifies the max size the log file should grow to.
Samba periodically checks the size and if it is exceeded it will rename the file, adding
a <filename moreinfo="none">.old</filename> extension.
</para>
<para>A size of 0 means no limit.</para>
<para>A size of 0 means no limit.
</para>
</description>
<value type="default">5000</value>
<value type="default">1000</value>

View File

@ -4,17 +4,17 @@
developer="1" advanced="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter maps how Samba debug messages
are logged onto the system syslog logging levels. Samba debug
level zero maps onto syslog <constant>LOG_ERR</constant>, debug
level one maps onto <constant>LOG_WARNING</constant>, debug level
two maps onto <constant>LOG_NOTICE</constant>, debug level three
maps onto LOG_INFO. All higher levels are mapped to <constant>
LOG_DEBUG</constant>.</para>
<para>
This parameter maps how Samba debug messages are logged onto the system syslog logging levels.
Samba debug level zero maps onto syslog <constant>LOG_ERR</constant>, debug level one maps onto
<constant>LOG_WARNING</constant>, debug level two maps onto <constant>LOG_NOTICE</constant>,
debug level three maps onto LOG_INFO. All higher levels are mapped to <constant>LOG_DEBUG</constant>.
</para>
<para>This parameter sets the threshold for sending messages
to syslog. Only messages with debug level less than this value
will be sent to syslog.</para>
<para>
This parameter sets the threshold for sending messages to syslog. Only messages with debug
level less than this value will be sent to syslog.
</para>
</description>
<value type="default">1</value>
</samba:parameter>

View File

@ -4,9 +4,10 @@
developer="1" advanced="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If this parameter is set then Samba debug
messages are logged into the system syslog only, and not to
the debug log files.</para>
<para>
If this parameter is set then Samba debug messages are logged into the system
syslog only, and not to the debug log files.
</para>
</description>
<value type="default">no</value>
</samba:parameter>

View File

@ -4,39 +4,45 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is the full pathname to a script that will
be run <emphasis>AS ROOT</emphasis> by <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> under special circumstances described below.</para>
<para>
This is the full pathname to a script that will be run <emphasis>AS ROOT</emphasis> by
<citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
under special circumstances described below.
</para>
<para>Normally, a Samba server requires that UNIX users are
created for all users accessing files on this server. For sites
that use Windows NT account databases as their primary user database
creating these users and keeping the user list in sync with the
Windows NT PDC is an onerous task. This option allows smbd to create the required UNIX users
<emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.</para>
<para>
Normally, a Samba server requires that UNIX users are created for all users accessing
files on this server. For sites that use Windows NT account databases as their primary
user database creating these users and keeping the user list in sync with the Windows
NT PDC is an onerous task. This option allows smbd to create the required UNIX users
<emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.
</para>
<para>In order to use this option, <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> must <emphasis>NOT</emphasis> be set to <parameter moreinfo="none">security = share</parameter>
and <parameter moreinfo="none">add user script</parameter>
must be set to a full pathname for a script that will create a UNIX
user given one argument of <parameter moreinfo="none">%u</parameter>, which expands into
the UNIX user name to create.</para>
<para>
In order to use this option, <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> must <emphasis>NOT</emphasis> be set to
<smbconfoption name="security">share</smbconfoption> and <smbconfoption name="add user script"/>
must be set to a full pathname for a script that will create a UNIX user given one argument of
<parameter moreinfo="none">%u</parameter>, which expands into the UNIX user name to create.
</para>
<para>When the Windows user attempts to access the Samba server,
at login (session setup in the SMB protocol) time, <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> contacts the <parameter moreinfo="none">password server</parameter> and
attempts to authenticate the given user with the given password. If the
authentication succeeds then <command moreinfo="none">smbd</command>
attempts to find a UNIX user in the UNIX password database to map the
Windows user into. If this lookup fails, and <parameter moreinfo="none">add user script
</parameter> is set then <command moreinfo="none">smbd</command> will
call the specified script <emphasis>AS ROOT</emphasis>, expanding
any <parameter moreinfo="none">%u</parameter> argument to be the user name to create.</para>
<para>
When the Windows user attempts to access the Samba server, at login (session setup in
the SMB protocol) time, <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> contacts the <smbconfoption name="password server"/>
and attempts to authenticate the given user with the given password. If the authentication
succeeds then <command moreinfo="none">smbd</command> attempts to find a UNIX user in the UNIX
password database to map the Windows user into. If this lookup fails, and
<smbconfoption name="add user script"/> is set then <command moreinfo="none">smbd</command> will
call the specified script <emphasis>AS ROOT</emphasis>, expanding any
<parameter moreinfo="none">%u</parameter> argument to be the user name to create.
</para>
<para>If this script successfully creates the user then <command moreinfo="none">smbd
</command> will continue on as though the UNIX user
already existed. In this way, UNIX users are dynamically created to
match existing Windows NT accounts.</para>
<para>
If this script successfully creates the user then <command moreinfo="none">smbd</command> will
continue on as though the UNIX user already existed. In this way, UNIX users are dynamically created to
match existing Windows NT accounts.
</para>
<para>
See also <smbconfoption name="security"/>, <smbconfoption name="password server"/>,

View File

@ -4,16 +4,17 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>Full path to the script that will be called when
a user is added to a group using the Windows NT domain administration
tools. It will be run by <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> <emphasis>AS ROOT</emphasis>.
Any <parameter moreinfo="none">%g</parameter> will be replaced with the group name and
<para>
Full path to the script that will be called when a user is added to a group using the Windows NT domain administration
tools. It will be run by <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
<emphasis>AS ROOT</emphasis>. Any <parameter moreinfo="none">%g</parameter> will be replaced with the group name and
any <parameter moreinfo="none">%u</parameter> will be replaced with the user name.
</para>
<para>Note that the <command>adduser</command> command used in the example below does
not support the used syntax on all systems. </para>
<para>
Note that the <command>adduser</command> command used in the example below does
not support the used syntax on all systems.
</para>
</description>
<value type="default"></value>

View File

@ -38,18 +38,16 @@
This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine.
</para>
<warning>
<para>
Do not quote the value. Setting this as <quote>\\%N\profile\%U</quote>
will break profile handling. Where the tdbsam or ldapsam passdb backend
is used, at the time the user account is created the value configured
for this parameter is written to the passdb backend and that value will
over-ride the parameter value present in the smb.conf file. Any error
present in the passdb backend account record must be editted using the
appropriate tool (pdbedit on the command-line, or any other locally
provided system tool.
</para>
</warning>
<warning><para>
Do not quote the value. Setting this as <quote>\\%N\profile\%U</quote>
will break profile handling. Where the tdbsam or ldapsam passdb backend
is used, at the time the user account is created the value configured
for this parameter is written to the passdb backend and that value will
over-ride the parameter value present in the smb.conf file. Any error
present in the passdb backend account record must be editted using the
appropriate tool (pdbedit on the command-line, or any other locally
provided system tool.
</para></warning>
<para>Note that this option is only useful if Samba is set up as a domain controller.</para>
@ -63,9 +61,9 @@
<para>
An example of use is:
<screen>
<programlisting>
logon path = \\PROFILESERVER\PROFILE\%U
</screen>
</programlisting>
</para>
</description>
<value type="default">\\%N\%U\profile</value>

View File

@ -15,17 +15,20 @@
service specifies a <smbconfoption name="path"/> of <filename
moreinfo="none">/usr/local/samba/netlogon</filename>, and <smbconfoption name="logon
script">STARTUP.BAT</smbconfoption>, then the file that will be downloaded is:
<screen>
<programlisting>
/usr/local/samba/netlogon/STARTUP.BAT
</screen>
</programlisting>
</para>
<para>
The contents of the batch file are entirely your choice. A suggested command would be to add <command
moreinfo="none">NET TIME \\SERVER /SET /YES</command>, to force every machine to synchronize clocks with the
same time server. Another use would be to add <command moreinfo="none">NET USE U: \\SERVER\UTILS</command>
for commonly used utilities, or <screen> <userinput>NET USE Q: \\SERVER\ISO9001_QA</userinput></screen> for
example.
for commonly used utilities, or
<programlisting>
<userinput>NET USE Q: \\SERVER\ISO9001_QA</userinput>
</programlisting>
for example.
</para>
<para>

View File

@ -49,8 +49,9 @@ let &quot;time++&quot;
/sbin/shutdown $3 $4 +$time $1 &amp;
</programlisting>
Shutdown does not return so we need to launch it in background.
</para>
Shutdown does not return so we need to launch it in background.
</para>
</description>
<related>abort shutdown script</related>
<value type="default"></value>

View File

@ -9,7 +9,7 @@
the <parameter>path</parameter> parameter is a local AFS import. The
special AFS features include the attempt to hand-craft an AFS token
if you enabled --with-fake-kaserver in configure.
</para>
</para>
</description>
<value type="default">no</value>

View File

@ -28,21 +28,23 @@
<para>Note: Your script should <emphasis>NOT</emphasis> be setuid or
setgid and should be owned by (and writeable only by) root!</para>
<para>Where the script dfree (which must be made executable) could be:</para>
<para><programlisting format="linespecific">
<para>Where the script dfree (which must be made executable) could be:
<programlisting format="linespecific">
#!/bin/sh
df $1 | tail -1 | awk '{print $2&quot; &quot;$4}'
</programlisting></para>
</programlisting>
</para>
<para>or perhaps (on Sys V based systems):</para>
<para><programlisting format="linespecific">
<para>or perhaps (on Sys V based systems):
<programlisting format="linespecific">
#!/bin/sh
/usr/bin/df -k $1 | tail -1 | awk '{print $3&quot; &quot;$5}'
</programlisting></para>
</programlisting>
</para>
<para>Note that you may have to replace the command names with full path names on some systems.</para>
<para>
Note that you may have to replace the command names with full path names on some systems.
</para>
</description>
<value type="default"><comment>By default internal routines for

View File

@ -3,19 +3,18 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter allows the Samba administrator
to stop <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> from following symbolic
links in a particular share. Setting this
parameter to <constant>no</constant> prevents any file or directory
that is a symbolic link from being followed (the user will get an
error). This option is very useful to stop users from adding a
symbolic link to <filename moreinfo="none">/etc/passwd</filename> in their home
directory for instance. However it will slow filename lookups
down slightly.</para>
<para>
This parameter allows the Samba administrator to stop <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> from following symbolic links in a particular share. Setting this
parameter to <constant>no</constant> prevents any file or directory that is a symbolic link from being
followed (the user will get an error). This option is very useful to stop users from adding a symbolic
link to <filename moreinfo="none">/etc/passwd</filename> in their home directory for instance. However
it will slow filename lookups down slightly.
</para>
<para>This option is enabled (i.e. <command moreinfo="none">smbd</command> will
follow symbolic links) by default.</para>
<para>
This option is enabled (i.e. <command moreinfo="none">smbd</command> will follow symbolic links) by default.
</para>
</description>
<value type="default">yes</value>
</samba:parameter>

View File

@ -3,14 +3,13 @@
type="string"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter allows the administrator to
configure the string that specifies the type of filesystem a share
is using that is reported by <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> when a client queries the filesystem type
for a share. The default type is <constant>NTFS</constant> for
compatibility with Windows NT but this can be changed to other
strings such as <constant>Samba</constant> or <constant>FAT
</constant> if required.</para>
<para>
This parameter allows the administrator to configure the string that specifies the type of filesystem a share
is using that is reported by <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
when a client queries the filesystem type for a share. The default type is <constant>NTFS</constant> for compatibility
with Windows NT but this can be changed to other strings such as <constant>Samba</constant> or <constant>FAT</constant>
if required.
</para>
</description>
<value type="default">NTFS</value>
<value type="example">Samba</value>

View File

@ -4,23 +4,21 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If <smbconfoption name="nis homedir"/> is <constant>yes</constant>,
and <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> is also acting
as a Win95/98 <parameter moreinfo="none">logon server</parameter> then this parameter
specifies the NIS (or YP) map from which the server for the user's
home directory should be extracted. At present, only the Sun
auto.home map format is understood. The form of the map is:</para>
<para><command moreinfo="none">username server:/some/file/system</command></para>
<para>and the program will extract the servername from before
the first ':'. There should probably be a better parsing system
that copes with different map formats and also Amd (another
automounter) maps.</para>
<para>
If <smbconfoption name="nis homedir"/> is <constant>yes</constant>, and <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> is also acting as a Win95/98 <parameter moreinfo="none">logon server</parameter>
then this parameter specifies the NIS (or YP) map from which the server for the user's home directory should be extracted.
At present, only the Sun auto.home map format is understood. The form of the map is:
<programlisting>
<command moreinfo="none">username server:/some/file/system</command>
</programlisting>
and the program will extract the servername from before the first ':'. There should probably be a better parsing system
that copes with different map formats and also Amd (another automounter) maps.
</para>
<note><para>A working NIS client is required on
the system for this option to work.</para></note>
<note><para>
A working NIS client is required on the system for this option to work.
</para></note>
</description>
<related>nis homedir</related>
<related>domain logons</related>

View File

@ -4,13 +4,15 @@
hide="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This allows you to include one config file
inside another. The file is included literally, as though typed
in place.</para>
<para>
This allows you to include one config file inside another. The file is included literally, as though typed
in place.
</para>
<para>It takes the standard substitutions, except <parameter moreinfo="none">%u
</parameter>, <parameter moreinfo="none">%P</parameter> and <parameter moreinfo="none">%S</parameter>.
</para>
<para>
It takes the standard substitutions, except <parameter moreinfo="none">%u</parameter>,
<parameter moreinfo="none">%P</parameter> and <parameter moreinfo="none">%S</parameter>.
</para>
</description>
<value type="default"></value>

View File

@ -4,14 +4,13 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
This parameter specifies the name of a file
which will contain output created by a magic script (see the
This parameter specifies the name of a file which will contain output created by a magic script (see the
<smbconfoption name="magic script"/> parameter below).
</para>
<warning><para>If two clients use the same <parameter moreinfo="none">magic script
</parameter> in the same directory the output file content
is undefined.</para></warning>
<warning><para>If two clients use the same <parameter moreinfo="none">magic script
</parameter> in the same directory the output file content is undefined.
</para></warning>
</description>
<value type="default">&lt;magic script name&gt;.out</value>

View File

@ -11,9 +11,10 @@
deliver the message somehow. How this is to be done is
up to your imagination.</para>
<para>An example is:</para>
<para><command moreinfo="none">message command = csh -c 'xedit %s;rm %s' &amp;</command>
<para>An example is:
<programlisting>
<command moreinfo="none">message command = csh -c 'xedit %s;rm %s' &amp;</command>
</programlisting>
</para>
<para>This delivers the message using <command moreinfo="none">xedit</command>, then
@ -52,10 +53,12 @@
takes your fancy. Please let us know of any really interesting
ideas you have.</para>
<para>Here's a way of sending the messages as mail to root:</para>
<para><command moreinfo="none">message command = /bin/mail -s 'message from %f on
%m' root &lt; %s; rm %s</command></para>
<para>
Here's a way of sending the messages as mail to root:
<programlisting>
<command moreinfo="none">message command = /bin/mail -s 'message from %f on %m' root &lt; %s; rm %s</command>
</programlisting>
</para>
<para>If you don't have a message command then the message
won't be delivered and Samba will tell the sender there was
@ -63,9 +66,13 @@
and carries on regardless, saying that the message was delivered.
</para>
<para>If you want to silently delete it then try:</para>
<para><command moreinfo="none">message command = rm %s</command></para>
<para>
If you want to silently delete it then try:
<programlisting>
<command moreinfo="none">message command = rm %s</command>
</programlisting>
</para>
</description>
<value type="default"></value>
<value type="example">csh -c 'xedit %s; rm %s' &amp;</value>

View File

@ -8,7 +8,8 @@
system command to be called when either <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> or <citerefentry><refentrytitle>smbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> crashes. This is usually used to
draw attention to the fact that a problem occurred.</para>
draw attention to the fact that a problem occurred.
</para>
</description>
<value type="default"></value>

View File

@ -4,8 +4,9 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This option specifies the directory where pid
files will be placed. </para>
<para>
This option specifies the directory where pid files will be placed.
</para>
</description>
<value type="default">${prefix}/var/locks</value>

View File

@ -4,8 +4,10 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This boolean option controls whether a non-zero
return code from <smbconfoption name="preexec"/> should close the service being connected to.</para>
<para>
This boolean option controls whether a non-zero return code from <smbconfoption name="preexec"/>
should close the service being connected to.
</para>
</description>
<value type="default">no</value>

View File

@ -4,28 +4,34 @@
type="list"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
<para>
This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>to periodically announce itself
to arbitrary IP addresses with an arbitrary workgroup name.</para>
to arbitrary IP addresses with an arbitrary workgroup name.
</para>
<para>This is useful if you want your Samba server to appear
in a remote workgroup for which the normal browse propagation
rules don't work. The remote workgroup can be anywhere that you
can send IP packets to.</para>
<para>
This is useful if you want your Samba server to appear in a remote workgroup for
which the normal browse propagation rules don't work. The remote workgroup can be
anywhere that you can send IP packets to.
</para>
<para>For example:</para>
<para>
For example:
<programlisting>
<command moreinfo="none">remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF</command>
</programlisting>
the above line would cause <command moreinfo="none">nmbd</command> to announce itself
to the two given IP addresses using the given workgroup names. If you leave out the
workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter
is used instead.
</para>
<para><command moreinfo="none">remote announce = 192.168.2.255/SERVERS
192.168.4.255/STAFF</command></para>
<para>the above line would cause <command moreinfo="none">nmbd</command> to announce itself
to the two given IP addresses using the given workgroup names.
If you leave out the workgroup name then the one given in
the <smbconfoption name="workgroup"/> parameter is used instead.</para>
<para>The IP addresses you choose would normally be the broadcast
addresses of the remote networks, but can also be the IP addresses
of known browse masters if your network config is that stable.</para>
<para>
The IP addresses you choose would normally be the broadcast addresses of the remote
networks, but can also be the IP addresses of known browse masters if your network
config is that stable.
</para>
<para>See <smbconfoption name="NetworkBrowsing"/>.</para>
</description>

View File

@ -4,32 +4,40 @@
type="list"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
<para>
This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
<manvolnum>8</manvolnum></citerefentry> to periodically request
synchronization of browse lists with the master browser of a Samba
server that is on a remote segment. This option will allow you to
gain browse lists for multiple workgroups across routed networks. This
is done in a manner that does not work with any non-Samba servers.</para>
is done in a manner that does not work with any non-Samba servers.
</para>
<para>This is useful if you want your Samba server and all local
<para>
This is useful if you want your Samba server and all local
clients to appear in a remote workgroup for which the normal browse
propagation rules don't work. The remote workgroup can be anywhere
that you can send IP packets to.</para>
that you can send IP packets to.
</para>
<para>For example:</para>
<para><command moreinfo="none">remote browse sync = 192.168.2.255 192.168.4.255</command></para>
<para>the above line would cause <command moreinfo="none">nmbd</command> to request
<para>
For example:
<programlisting>
<command moreinfo="none">remote browse sync = 192.168.2.255 192.168.4.255</command>
</programlisting>
the above line would cause <command moreinfo="none">nmbd</command> to request
the master browser on the specified subnets or addresses to
synchronize their browse lists with the local server.</para>
synchronize their browse lists with the local server.
</para>
<para>The IP addresses you choose would normally be the broadcast
<para>
The IP addresses you choose would normally be the broadcast
addresses of the remote networks, but can also be the IP addresses
of known browse masters if your network config is that stable. If
a machine IP address is given Samba makes NO attempt to validate
that the remote machine is available, is listening, nor that it
is in fact the browse master on its segment.</para>
is in fact the browse master on its segment.
</para>
</description>
<value type="default"></value>

View File

@ -4,10 +4,11 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is the same as the <parameter moreinfo="none">postexec</parameter>
parameter except that the command is run as root. This
is useful for unmounting filesystems
(such as CDROMs) after a connection is closed.</para>
<para>
This is the same as the <parameter moreinfo="none">postexec</parameter>
parameter except that the command is run as root. This is useful for
unmounting filesystems (such as CDROMs) after a connection is closed.
</para>
</description>
<related>postexec</related>

View File

@ -4,10 +4,11 @@
advanced="1" wizard="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is the same as the <parameter moreinfo="none">preexec</parameter>
parameter except that the command is run as root. This
is useful for mounting filesystems (such as CDROMs) when a
connection is opened.</para>
<para>
This is the same as the <parameter moreinfo="none">preexec</parameter>
parameter except that the command is run as root. This is useful for
mounting filesystems (such as CDROMs) when a connection is opened.
</para>
</description>
<related>preexec</related>

View File

@ -3,13 +3,16 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If <command moreinfo="none">set directory = no</command>, then
users of the service may not use the setdir command to change
directory.</para>
<para>
If <command moreinfo="none">set directory = no</command>, then users of the
service may not use the setdir command to change directory.
</para>
<para>The <command moreinfo="none">setdir</command> command is only implemented
<para>
The <command moreinfo="none">setdir</command> command is only implemented
in the Digital Pathworks client. See the Pathworks documentation
for details.</para>
for details.
</para>
</description>
<value type="default">no</value>

View File

@ -3,19 +3,20 @@
type="boolean"
developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This boolean parameter is only available if
Samba has been configured and compiled with the option <command moreinfo="none">
--with-utmp</command>. If set to <constant>yes</constant> then Samba will attempt
to add utmp or utmpx records (depending on the UNIX system) whenever a
connection is made to a Samba server. Sites may use this to record the
user connecting to a Samba share.</para>
<description>
<para>
This boolean parameter is only available if Samba has been configured and compiled
with the option <command moreinfo="none">--with-utmp</command>. If set to
<constant>yes</constant> then Samba will attempt to add utmp or utmpx records
(depending on the UNIX system) whenever a connection is made to a Samba server.
Sites may use this to record the user connecting to a Samba share.
</para>
<para>Due to the requirements of the utmp record, we
are required to create a unique identifier for the
incoming user. Enabling this option creates an n^2
algorithm to find this number. This may impede
performance on large installations. </para>
<para>
Due to the requirements of the utmp record, we are required to create a unique
identifier for the incoming user. Enabling this option creates an n^2 algorithm
to find this number. This may impede performance on large installations.
</para>
</description>
<related>utmp directory</related>

View File

@ -4,19 +4,17 @@
advanced="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter is only available if Samba has
been configured and compiled with the option <command moreinfo="none">
--with-utmp</command>. It specifies a directory pathname that is
used to store the wtmp or wtmpx files (depending on the UNIX system) that
record user connections to a Samba server. The difference with
the utmp directory is the fact that user info is kept after a user
has logged out.</para>
<para>
This parameter is only available if Samba has been configured and compiled with the option <command moreinfo="none">
--with-utmp</command>. It specifies a directory pathname that is used to store the wtmp or wtmpx files (depending on
the UNIX system) that record user connections to a Samba server. The difference with the utmp directory is the fact
that user info is kept after a user has logged out.
</para>
<para>
By default this is
not set, meaning the system will use whatever utmp file the
native system is set to use (usually
<filename moreinfo="none">/var/run/wtmp</filename> on Linux).</para>
<para>
By default this is not set, meaning the system will use whatever utmp file the native system is set to use (usually
<filename moreinfo="none">/var/run/wtmp</filename> on Linux).
</para>
</description>
<related>utmp</related>

View File

@ -5,17 +5,20 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
This parameter is only applicable if <smbconfoption name="printing"/> is
This parameter is only applicable if <smbconfoption name="printing"/> is
set to <constant>cups</constant>. Its value is a free form string of options
passed directly to the cups library.
</para>
<para>You can pass any generic print option known to CUPS (as listed
<para>
You can pass any generic print option known to CUPS (as listed
in the CUPS "Software Users' Manual"). You can also pass any printer
specific option (as listed in "lpoptions -d printername -l")
valid for the target queue.</para>
valid for the target queue.
</para>
<para>You should set this parameter to <constant>raw</constant> if your CUPS server
<para>
You should set this parameter to <constant>raw</constant> if your CUPS server
<filename>error_log</filename> file contains messages such as
"Unsupported format 'application/octet-stream'" when printing from a Windows client
through Samba. It is no longer necessary to enable

View File

@ -4,12 +4,14 @@
print="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter is only applicable if <smbconfoption name="printing"/> is set to <constant>cups</constant>.
<para>
This parameter is only applicable if <smbconfoption name="printing"/> is set to <constant>cups</constant>.
</para>
<para>If set, this option overrides the ServerName option in the CUPS
<filename>client.conf</filename>. This is necessary if you have virtual
samba servers that connect to different CUPS daemons.</para>
<para>
If set, this option overrides the ServerName option in the CUPS <filename>client.conf</filename>. This is
necessary if you have virtual samba servers that connect to different CUPS daemons.
</para>
</description>
<value type="default">""</value>

View File

@ -24,7 +24,7 @@
been executed, <command moreinfo="none">smbd</command> will reparse the <filename moreinfo="none">
smb.conf</filename> to associated printer no longer exists.
If the sharename is still valid, then <command moreinfo="none">smbd
</command> will return an ACCESS_DENIED error to the client.</para>
</command> will return an ACCESS_DENIED error to the client.</para>
</description>
<related>addprinter command</related>

View File

@ -17,7 +17,7 @@
can define <parameter moreinfo="none">enumports command</parameter> to point to
a program which should generate a list of ports, one per line,
to standard output. This listing will then be used in response
to the level 1 and 2 EnumPorts() RPC.</para>
to the level 1 and 2 EnumPorts() RPC.</para>
</description>
<value type="default"></value>

View File

@ -7,7 +7,7 @@
<para>A boolean variable that controls whether all
printers in the printcap will be loaded for browsing by default.
See the <smbconfoption name="printers"/> section for
more details.</para>
more details.</para>
</description>
<value type="default">yes</value>

View File

@ -29,7 +29,11 @@
<related>printing</related>
<value type="default"><comment>Currently no default value is given to
this string, unless the value of the <parameter moreinfo="none">printing</parameter>
parameter is <constant>SYSV</constant>, in which case the default is : <command moreinfo="none">lp -i %p-%j -H hold</command> or if the value of the <parameter moreinfo="none">printing</parameter> parameter is <constant>SOFTQ</constant>, then the default is: <command moreinfo="none">qstat -s -j%j -h</command>. </comment></value>
this string, unless the value of the <smbconfoption name="printing"/>
parameter is <constant>SYSV</constant>, in which case the default is :
<command moreinfo="none">lp -i %p-%j -H hold</command> or if the value of the
<parameter moreinfo="none">printing</parameter> parameter is
<constant>SOFTQ</constant>, then the default is:
<command moreinfo="none">qstat -s -j%j -h</command>. </comment></value>
<value type="example">/usr/bin/lpalt %p-%j -p0</value>
</samba:parameter>

View File

@ -29,7 +29,7 @@
<para><command moreinfo="none">lp -i %p-%j -H resume</command></para>
<para>or if the value of the <parameter moreinfo="none">printing</parameter> parameter
is <constant>SOFTQ</constant>, then the default is:</para>
is <constant>SOFTQ</constant>, then the default is:</para>
<para><command moreinfo="none">qstat -s -j%j -r</command></para>
</description>

View File

@ -20,13 +20,13 @@
<para>
Examples of use are:
<screen>
<programlisting>
lprm command = /usr/bin/lprm -P%p %j
or
lprm command = /usr/bin/cancel %p-%j
</screen>
</programlisting>
</para>
</description>

View File

@ -4,11 +4,12 @@
print="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This parameter limits the maximum number of
jobs displayed in a port monitor for Samba printer queue at any given
moment. If this number is exceeded, the excess jobs will not be shown.
A value of zero means there is no limit on the number of print
jobs reported.</para>
<para>
This parameter limits the maximum number of jobs displayed in a port monitor for
Samba printer queue at any given moment. If this number is exceeded, the excess
jobs will not be shown. A value of zero means there is no limit on the number of
print jobs reported.
</para>
</description>
<related>max print jobs</related>

View File

@ -15,10 +15,10 @@
LaserJet 5L</command>.</para>
<para>
The need for the file is due to the printer driver namespace problem described in <link
linkend="classicalprinting">the chapter on Classical Printing in the book Samba3-HOWTO</link>. For more
details on OS/2 clients, please refer to <link linkend="Other-Clients"/>.
</para>
The need for the file is due to the printer driver namespace problem described in <link
linkend="classicalprinting">the chapter on Classical Printing in the book Samba3-HOWTO</link>. For more
details on OS/2 clients, please refer to <link linkend="Other-Clients"/>.
</para>
</description>
<value type="default"/>
</samba:parameter>

View File

@ -11,9 +11,10 @@
packs do security ACL checking on the owner and ability to write of the
profile directory stored on a local workstation when copied from a Samba
share.
</para>
</para>
<para>When not in domain mode with winbindd then the security info copied
<para>
When not in domain mode with winbindd then the security info copied
onto the local workstation has no meaning to the logged in user (SID) on
that workstation so the profile storing fails. Adding this parameter
onto a share used for profile storage changes two things about the
@ -22,16 +23,18 @@
BUILTIN\\Users respectively (SIDs S-1-5-32-544, S-1-5-32-545). Secondly
it adds an ACE entry of "Full Control" to the SID BUILTIN\\Users to
every returned ACL. This will allow any Windows 2000 or XP workstation
user to access the profile.</para>
user to access the profile.
</para>
<para>Note that if you have multiple users logging
<para>
Note that if you have multiple users logging
on to a workstation then in order to prevent them from being able to access
each others profiles you must remove the "Bypass traverse checking" advanced
user right. This will prevent access to other users profile directories as
the top level profile directory (named after the user) is created by the
workstation profile code and has an ACL restricting entry to the directory
tree to the owning user.
</para>
</para>
</description>
<value type="default">no</value>

View File

@ -5,7 +5,7 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
This option only takes effect when the <smbconfoption name="security"/> option is set to
This option only takes effect when the <smbconfoption name="security"/> option is set to
<constant>server</constant>,<constant>domain</constant> or <constant>ads</constant>.
If it is set to no, then attempts to connect to a resource from
a domain or workgroup other than the one which smbd is running

View File

@ -4,25 +4,30 @@
basic="1" advanced="1" wizard="1" developer="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>
This option allows the administrator to chose what authentication methods <command
moreinfo="none">smbd</command> will use when authenticating a user. This option defaults to sensible values
based on <smbconfoption name="security"/>. This should be considered a developer option and used only in rare
circumstances. In the majority (if not all) of production servers, the default setting should be adequate.
</para>
<para>Each entry in the list attempts to authenticate the user in turn, until
<para>
This option allows the administrator to chose what authentication methods <command moreinfo="none">smbd</command>
will use when authenticating a user. This option defaults to sensible values based on <smbconfoption name="security"/>.
This should be considered a developer option and used only in rare circumstances. In the majority (if not all)
of production servers, the default setting should be adequate.
</para>
<para>
Each entry in the list attempts to authenticate the user in turn, until
the user authenticates. In practice only one method will ever actually
be able to complete the authentication.
</para>
<para>Possible options include <constant>guest</constant> (anonymous access),
<para>
Possible options include <constant>guest</constant> (anonymous access),
<constant>sam</constant> (lookups in local list of accounts based on netbios
name or domain name), <constant>winbind</constant> (relay authentication requests
for remote users through winbindd), <constant>ntdomain</constant> (pre-winbindd
method of authentication for remote domain users; deprecated in favour of winbind method),
<constant>trustdomain</constant> (authenticate trusted users by contacting the
remote DC directly from smbd; deprecated in favour of winbind method).</para>
remote DC directly from smbd; deprecated in favour of winbind method).
</para>
</description>
<value type="default"/>
<value type="example">guest sam winbind</value>

View File

@ -5,14 +5,13 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This controls whether the client offers or even
demands the use of the netlogon schannel.
<parameter>client schannel = no</parameter> does not
offer the schannel, <parameter>client schannel =
auto</parameter> offers the schannel but does not
enforce it, and <parameter>client schannel =
yes</parameter> denies access if the server is not
able to speak netlogon schannel. </para>
<para>
This controls whether the client offers or even demands the use of the netlogon schannel.
<smbconfoption name="client schannel">no</smbconfoption> does not offer the schannel,
<smbconfoption name="client schannel">auto</smbconfoption> offers the schannel but does not
enforce it, and <smbconfoption name="client schannel">yes</smbconfoption> denies access
if the server is not able to speak netlogon schannel.
</para>
</description>
<value type="default">auto</value>
<value type="example">yes</value>

View File

@ -4,23 +4,23 @@
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If this parameter is set, a Windows NT ACL that contains an unknown
SID (security descriptor, or representation of a user or group
id) as the owner or group owner of the file will be silently
mapped into the current UNIX uid or gid of the currently
connected user.</para>
<para>
If this parameter is set, a Windows NT ACL that contains an unknown SID (security descriptor, or
representation of a user or group id) as the owner or group owner of the file will be silently
mapped into the current UNIX uid or gid of the currently connected user.
</para>
<para>This is designed to allow Windows NT clients to copy files and
folders containing ACLs that were created locally on the client
machine and contain users local to that machine only (no domain
users) to be copied to a Samba server (usually with XCOPY /O)
and have the unknown userid and groupid of the file owner map to
the current connected user. This can only be fixed correctly
when winbindd allows arbitrary mapping from any Windows NT SID
to a UNIX uid or gid.</para>
<para>
This is designed to allow Windows NT clients to copy files and folders containing ACLs that were
created locally on the client machine and contain users local to that machine only (no domain
users) to be copied to a Samba server (usually with XCOPY /O) and have the unknown userid and
groupid of the file owner map to the current connected user. This can only be fixed correctly
when winbindd allows arbitrary mapping from any Windows NT SID to a UNIX uid or gid.
</para>
<para>Try using this parameter when XCOPY /O gives an ACCESS_DENIED
error.</para>
<para>
Try using this parameter when XCOPY /O gives an ACCESS_DENIED error.
</para>
</description>
<value type="default">no</value>

View File

@ -65,7 +65,7 @@
</para>
Examples of use are:
<screen>
<programlisting>
passdb backend = tdbsam:/etc/samba/private/passdb.tdb \
smbpasswd:/etc/samba/smbpasswd
@ -81,7 +81,7 @@ passdb backend = ldapsam:"ldap://ldap-1.example.com \
or
passdb backend = mysql:my_plugin_args tdbsam
</screen>
</programlisting>
</description>
<value type="default">smbpasswd</value>

View File

@ -7,10 +7,10 @@
<para>The setting of this parameter determines whether user and
group list information is returned for an anonymous connection.
and mirrors the effects of the
<screen>
<programlisting>
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Control\LSA\RestrictAnonymous
</screen>
</programlisting>
registry key in Windows 2000 and Windows NT. When set to 0, user
and group list information is returned to anyone who asks. When set
to 1, only an authenticated user can retrive user and

View File

@ -7,12 +7,12 @@
<para>This option sets the path to the encrypted smbpasswd file. By
default the path to the smbpasswd file is compiled into Samba.</para>
<para>
An example of use is:
<screen>
<para>
An example of use is:
<programlisting>
smb passwd file = /etc/samba/smbpasswd
</screen>
</para>
</programlisting>
</para>
</description>
<value type="default">${prefix}/private/smbpasswd</value>

View File

@ -76,15 +76,17 @@
guest = *
</programlisting></para>
<para>Note that the remapping is applied to all occurrences
<para>
Note that the remapping is applied to all occurrences
of usernames. Thus if you connect to \\server\fred and <constant>
fred</constant> is remapped to <constant>mary</constant> then you
will actually be connecting to \\server\mary and will need to
supply a password suitable for <constant>mary</constant> not
<constant>fred</constant>. The only exception to this is the
username passed to the <smbconfoption name="password server"/> (if you have one). The password
server will receive whatever username the client supplies without
modification.</para>
username passed to the <smbconfoption name="password server"/>
(if you have one). The password server will receive whatever
username the client supplies without modification.
</para>
<para>Also note that no reverse mapping is done. The main effect
this has is with printing. Users who have been mapped may have
@ -117,12 +119,12 @@ guest = *
after the user has been successfully authenticated.
</para>
<para>
An example of use is:
<screen>
<para>
An example of use is:
<programlisting>
username map = /usr/local/samba/lib/users.map
</screen>
</para>
</programlisting>
</para>
</description>
<value type="default"><comment>no username map</comment></value>

View File

@ -3,17 +3,22 @@
type="list"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is a list of users that should be allowed
to login to this service. Names starting with '@', '+' and '&amp;'
are interpreted using the same rules as described in the
<parameter moreinfo="none">invalid users</parameter> parameter.</para>
<para>
This is a list of users that should be allowed to login to this service. Names starting with
'@', '+' and '&amp;' are interpreted using the same rules as described in the
<parameter moreinfo="none">invalid users</parameter> parameter.
</para>
<para>If this is empty (the default) then any user can login.
If a username is in both this list and the <parameter moreinfo="none">invalid
users</parameter> list then access is denied for that user.</para>
<para>
If this is empty (the default) then any user can login. If a username is in both this list
and the <parameter moreinfo="none">invalid users</parameter> list then access is denied
for that user.
</para>
<para>The current servicename is substituted for <parameter moreinfo="none">%S
</parameter>. This is useful in the [homes] section.</para>
<para>
The current servicename is substituted for <parameter moreinfo="none">%S</parameter>.
This is useful in the [homes] section.
</para>
</description>
<related>invalid users</related>

View File

@ -3,17 +3,22 @@
type="list"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This is a list of users that are given read-write
access to a service. If the connecting user is in this list then
they will be given write access, no matter what the <smbconfoption name="read only"/>
option is set to. The list can include group names using the
@group syntax.</para>
<para>
This is a list of users that are given read-write access to a service. If the
connecting user is in this list then they will be given write access, no matter
what the <smbconfoption name="read only"/> option is set to. The list can
include group names using the @group syntax.
</para>
<para>Note that if a user is in both the read list and the
write list then they will be given write access.</para>
<para>
Note that if a user is in both the read list and the write list then they will be
given write access.
</para>
<para>This parameter will not work with the <smbconfoption name="security">share</smbconfoption> in
Samba 3.0. This is by design.</para>
<para>
By design, this parameter will not work with the
<smbconfoption name="security">share</smbconfoption> in Samba 3.0.
</para>
</description>

View File

@ -3,8 +3,9 @@
type="boolean"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>If this parameter is <constant>yes</constant>, and the <constant>sendfile()</constant> system call is supported by the underlying operating system, then some SMB read calls (mainly ReadAndX
and ReadRaw) will use the more efficient sendfile system call for files that
<para>If this parameter is <constant>yes</constant>, and the <constant>sendfile()</constant>
system call is supported by the underlying operating system, then some SMB read calls
(mainly ReadAndX and ReadRaw) will use the more efficient sendfile system call for files that
are exclusively oplocked. This may make more efficient use of the system CPU's
and cause Samba to be faster. Samba automatically turns this off for clients
that use protocol levels lower than NT LM 0.12 and when it detects a client is