mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
Formatting and other fixes to man pages.
(This used to be commit 411025ed0d
)
This commit is contained in:
parent
cf596ff9a0
commit
6c2e58987b
@ -1788,7 +1788,7 @@ hosts: wins
|
||||
</screen>
|
||||
The next step is to make certain that Samba is running using <command>ps ax | grep mbd</command>.
|
||||
The <command>nmbd</command> daemon will provide the WINS name resolution service when the
|
||||
&smmb.conf; file <smbconfsection>[global]</smbconfsection> parameter <smbconfoption name="wins
|
||||
&smb.conf; file <smbconfsection>[global]</smbconfsection> parameter <smbconfoption name="wins
|
||||
support">Yes</smbconfoption> has been specified. Having validated that Samba is operational,
|
||||
excute the following:
|
||||
<screen>
|
||||
|
@ -1,84 +0,0 @@
|
||||
<?xml version="1.0" encoding="iso-8859-1"?>
|
||||
<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
|
||||
<refentry id="editreg.1">
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>editreg</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
|
||||
<refnamediv>
|
||||
<refname>editreg</refname>
|
||||
<refpurpose>A utility for printing and editing NT4 registry files
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>editreg</command>
|
||||
<arg choice="opt">-v</arg>
|
||||
<arg choice="opt">-c file</arg>
|
||||
<arg choice="req">file</arg>
|
||||
</cmdsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>DESCRIPTION</title>
|
||||
|
||||
<para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
|
||||
<manvolnum>7</manvolnum></citerefentry> suite.</para>
|
||||
|
||||
<para><command>editreg</command> is a utility that
|
||||
can visualize windows registry files (currently only NT4) and apply
|
||||
so-called commandfiles to them.
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
|
||||
<refsect1>
|
||||
<title>OPTIONS</title>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term>registry_file</term>
|
||||
<listitem><para>Registry file to view or edit. </para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
||||
<varlistentry>
|
||||
<term>-v,--verbose</term>
|
||||
<listitem><para>Increases verbosity of messages.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>-c commandfile</term>
|
||||
<listitem><para>Read commands to execute on <filename>registry_file</filename> from <filename>commandfile</filename>. Currently not yet supported!
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
&stdarg.help;
|
||||
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>VERSION</title>
|
||||
|
||||
<para>This man page is correct for version 3.0 of the Samba
|
||||
suite.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>AUTHOR</title>
|
||||
|
||||
<para>The original Samba software and related utilities
|
||||
were created by Andrew Tridgell. Samba is now developed
|
||||
by the Samba Team as an Open Source project similar
|
||||
to the way the Linux kernel is developed.</para>
|
||||
|
||||
<para>The editreg man page was written by Jelmer Vernooij. </para>
|
||||
</refsect1>
|
||||
|
||||
</refentry>
|
@ -94,7 +94,7 @@
|
||||
without <constant>-r</constant> option set would yield output similar
|
||||
to the following</para>
|
||||
|
||||
<screen>
|
||||
<programlisting>
|
||||
IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
|
||||
---------------------------------------------------------------------
|
||||
192.168.35.10 MINESET-TEST1 [DMVENGR]
|
||||
@ -107,7 +107,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
|
||||
192.168.35.88 SCNT2 +[MVENGR] [Windows NT 4.0] [NT LAN Manager 4.0]
|
||||
192.168.35.93 FROGSTAR-PC [MVENGR] [Windows 5.0] [Windows 2000 LAN Manager]
|
||||
192.168.35.97 HERBNT1 *[HERB-NT] [Windows NT 4.0] [NT LAN Manager 4.0]
|
||||
</screen>
|
||||
</programlisting>
|
||||
|
||||
</refsect1>
|
||||
|
||||
|
@ -53,16 +53,16 @@
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>An example follows:</para>
|
||||
|
||||
<programlisting>
|
||||
<para>An example follows:
|
||||
<programlisting>
|
||||
#
|
||||
# Sample Samba lmhosts file.
|
||||
#
|
||||
192.9.200.1 TESTPC
|
||||
192.9.200.20 NTSERVER#20
|
||||
192.9.200.21 SAMBASERVER
|
||||
</programlisting>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>Contains three IP to NetBIOS name mappings. The first
|
||||
and third will be returned for any queries for the names "TESTPC"
|
||||
|
@ -86,15 +86,15 @@
|
||||
|
||||
<para>Extract all network traffic from all samba log files:</para>
|
||||
|
||||
<para><screen>
|
||||
<para><programlisting>
|
||||
<prompt>$</prompt> log2pcap < /var/log/* > trace.pcap
|
||||
</screen></para>
|
||||
</programlisting></para>
|
||||
|
||||
<para>Convert to pcap using text2pcap:</para>
|
||||
|
||||
<para><screen>
|
||||
<para><programlisting>
|
||||
<prompt>$</prompt> log2pcap -h samba.log | text2pcap -T 139,139 - trace.pcap
|
||||
</screen></para>
|
||||
</programlisting></para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
@ -620,10 +620,10 @@ Parameters take the for "parameter=value". Common options include:</para>
|
||||
|
||||
<para>
|
||||
Add a new group mapping entry:
|
||||
<screen>
|
||||
<programlisting>
|
||||
net groupmap add {rid=int|sid=string} unixgroup=string \
|
||||
[type={domain|local}] [ntgroup=string] [comment=string]
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</refsect3>
|
||||
@ -643,10 +643,10 @@ net groupmap add {rid=int|sid=string} unixgroup=string \
|
||||
<para>Update en existing group entry</para>
|
||||
|
||||
<para>
|
||||
<screen>
|
||||
<programlisting>
|
||||
net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \
|
||||
[comment=string] [type={domain|local}]
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
</refsect3>
|
||||
|
||||
|
@ -70,10 +70,10 @@
|
||||
This option prints a list of user/uid pairs separated by
|
||||
the ':' character.</para>
|
||||
<para>Example: <command>pdbedit -L</command></para>
|
||||
<para><screen>
|
||||
<para><programlisting>
|
||||
sorce:500:Simo Sorce
|
||||
samba:45:Test User
|
||||
</screen></para>
|
||||
</programlisting></para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -86,7 +86,7 @@ samba:45:Test User
|
||||
out the account fields in a descriptive format.</para>
|
||||
|
||||
<para>Example: <command>pdbedit -L -v</command></para>
|
||||
<para><screen>
|
||||
<para><programlisting>
|
||||
---------------
|
||||
username: sorce
|
||||
user ID/Group: 500/500
|
||||
@ -105,7 +105,7 @@ Home Directory: \\BERSERKER\samba
|
||||
HomeDir Drive:
|
||||
Logon Script:
|
||||
Profile Path: \\BERSERKER\profile
|
||||
</screen></para>
|
||||
</programlisting></para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -121,14 +121,14 @@ Profile Path: \\BERSERKER\profile
|
||||
<manvolnum>5</manvolnum></citerefentry> for details)</para>
|
||||
|
||||
<para>Example: <command>pdbedit -L -w</command></para>
|
||||
<screen>
|
||||
<programlisting>
|
||||
sorce:500:508818B733CE64BEAAD3B435B51404EE:
|
||||
D2A2418EFC466A8A0F6B1DBB5C3DB80C:
|
||||
[UX ]:LCT-00000000:
|
||||
samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:
|
||||
BC281CE3F53B6A5146629CD4751D3490:
|
||||
[UX ]:LCT-3BFA1E8D:
|
||||
</screen>
|
||||
</programlisting>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -30,9 +30,9 @@
|
||||
<para>
|
||||
The file consists of sections and parameters. A section begins with the name of the section in square brackets
|
||||
and continues until the next section begins. Sections contain parameters of the form:
|
||||
<screen>
|
||||
<programlisting>
|
||||
<replaceable>name</replaceable> = <replaceable>value </replaceable>
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
@ -179,9 +179,9 @@
|
||||
<para>
|
||||
If you decide to use a <emphasis>path =</emphasis> line in your [homes] section, it may be useful
|
||||
to use the %S macro. For example:
|
||||
<screen>
|
||||
<programlisting>
|
||||
<userinput moreinfo="none">path = /data/pchome/%S</userinput>
|
||||
</screen>
|
||||
</programlisting>
|
||||
is useful if you have different home directories for your PCs than for UNIX access.
|
||||
</para>
|
||||
|
||||
@ -273,10 +273,10 @@
|
||||
All aliases given for a printer in the printcap file are legitimate printer names as far as the server is concerned.
|
||||
If your printing subsystem doesn't work like that, you will have to set up a pseudo-printcap. This is a file
|
||||
consisting of one or more lines like this:
|
||||
<screen>
|
||||
<programlisting>
|
||||
alias|alias|alias|alias...
|
||||
</screen>
|
||||
</para>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Each alias should be an acceptable printer name for your printing subsystem. In the [global] section,
|
||||
|
@ -3,18 +3,20 @@
|
||||
type="integer"
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>If a Samba server is a member of a Windows
|
||||
NT Domain (see the <smbconfoption name="security">domain</smbconfoption>
|
||||
parameter) then periodically a running smbd
|
||||
process will try and change the MACHINE ACCOUNT
|
||||
PASSWORD stored in the TDB called <filename moreinfo="none">private/secrets.tdb
|
||||
</filename>. This parameter specifies how often this password
|
||||
will be changed, in seconds. The default is one week (expressed in
|
||||
seconds), the same as a Windows NT Domain member server.</para>
|
||||
<description>
|
||||
|
||||
<para>See also <citerefentry><refentrytitle>smbpasswd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>, and the <smbconfoption name="security">domain</smbconfoption> parameter.</para>
|
||||
<para>
|
||||
If a Samba server is a member of a Windows NT Domain (see the <smbconfoption
|
||||
name="security">domain</smbconfoption> parameter) then periodically a running smbd process will try and change
|
||||
the MACHINE ACCOUNT PASSWORD stored in the TDB called <filename moreinfo="none">private/secrets.tdb
|
||||
</filename>. This parameter specifies how often this password will be changed, in seconds. The default is one
|
||||
week (expressed in seconds), the same as a Windows NT Domain member server.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
See also <citerefentry><refentrytitle>smbpasswd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>,
|
||||
and the <smbconfoption name="security">domain</smbconfoption> parameter.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default">604800</value>
|
||||
|
@ -17,7 +17,7 @@
|
||||
directories you might normally veto DOS/Windows users from seeing
|
||||
(e.g. <filename moreinfo="none">.AppleDouble</filename>)</para>
|
||||
|
||||
<para>Setting <smbconfoption name="delete veto files">yes</smbconfoption> allows these
|
||||
<para>Setting <smbconfoption name="delete veto files">yes</smbconfoption> allows these
|
||||
directories to be transparently deleted when the parent directory
|
||||
is deleted (so long as the user has permissions to do so).</para>
|
||||
</description>
|
||||
|
@ -31,9 +31,9 @@
|
||||
|
||||
<para>
|
||||
An example of us of this parameter is:
|
||||
<screen>
|
||||
<programlisting>
|
||||
hide files = /.*/DesktopFolderDB/TrashFor%m/resource.frk/
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
</description>
|
||||
|
||||
|
@ -3,10 +3,12 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter prevents clients from seeing
|
||||
special files such as sockets, devices and fifo's in directory
|
||||
listings.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This parameter prevents clients from seeing special files such as sockets, devices and
|
||||
fifo's in directory listings.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,10 +3,10 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter prevents clients from seeing
|
||||
the existance of files that cannot be written to. Defaults to off.
|
||||
Note that unwriteable directories are shown as usual.
|
||||
</para>
|
||||
<para>
|
||||
This parameter prevents clients from seeing the existance of files that cannot be written to.
|
||||
Defaults to off. Note that unwriteable directories are shown as usual.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,22 +3,29 @@
|
||||
context="S"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is for those who want to directly map UNIX
|
||||
file names which cannot be represented on Windows/DOS. The mangling
|
||||
of names is not always what is needed. In particular you may have
|
||||
<para>
|
||||
This is for those who want to directly map UNIX file names which cannot be represented on
|
||||
Windows/DOS. The mangling of names is not always what is needed. In particular you may have
|
||||
documents with file extensions that differ between DOS and UNIX.
|
||||
For example, under UNIX it is common to use <filename moreinfo="none">.html</filename>
|
||||
for HTML files, whereas under Windows/DOS <filename moreinfo="none">.htm</filename>
|
||||
is more commonly used.</para>
|
||||
is more commonly used.
|
||||
</para>
|
||||
|
||||
<para>So to map <filename moreinfo="none">html</filename> to <filename moreinfo="none">htm</filename>
|
||||
you would use:</para>
|
||||
<para>
|
||||
So to map <filename moreinfo="none">html</filename> to <filename moreinfo="none">htm</filename>
|
||||
you would use:
|
||||
</para>
|
||||
|
||||
<para><smbconfoption name="mangled map">(*.html *.htm)</smbconfoption>.</para>
|
||||
<para>
|
||||
<smbconfoption name="mangled map">(*.html *.htm)</smbconfoption>.
|
||||
</para>
|
||||
|
||||
<para>One very useful case is to remove the annoying <filename moreinfo="none">;1
|
||||
</filename> off the ends of filenames on some CDROMs (only visible
|
||||
under some UNIXes). To do this use a map of (*;1 *;).</para>
|
||||
<para>
|
||||
One very useful case is to remove the annoying <filename moreinfo="none">;1</filename> off
|
||||
the ends of filenames on some CDROMs (only visible under some UNIXes). To do this use a map of
|
||||
(*;1 *;).
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default"><comment>no mangled map</comment></value>
|
||||
|
@ -7,7 +7,7 @@
|
||||
should be mapped to DOS-compatible names ("mangled") and made visible,
|
||||
or whether non-DOS names should simply be ignored.</para>
|
||||
|
||||
<para>See the section on <smbconfoption name="name mangling"/> for
|
||||
<para>See the section on <smbconfoption name="name mangling"/> for
|
||||
details on how to control the mangling process.</para>
|
||||
|
||||
<para>If mangling is used then the mangling algorithm is as follows:</para>
|
||||
|
@ -3,16 +3,20 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This controls whether the DOS archive attribute
|
||||
<para>
|
||||
This controls whether the DOS archive attribute
|
||||
should be mapped to the UNIX owner execute bit. The DOS archive bit
|
||||
is set when a file has been modified since its last backup. One
|
||||
motivation for this option it to keep Samba/your PC from making
|
||||
any file it touches from becoming executable under UNIX. This can
|
||||
be quite annoying for shared source code, documents, etc...</para>
|
||||
be quite annoying for shared source code, documents, etc...
|
||||
</para>
|
||||
|
||||
<para>Note that this requires the <smbconfoption name="create mask"/>
|
||||
parameter to be set such that owner execute bit is not masked out
|
||||
(i.e. it must include 100). See the parameter <smbconfoption name="create mask"/> for details.</para>
|
||||
<para>
|
||||
Note that this requires the <smbconfoption name="create mask"/> parameter to be set such that owner
|
||||
execute bit is not masked out (i.e. it must include 100). See the parameter
|
||||
<smbconfoption name="create mask"/> for details.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">yes</value>
|
||||
|
@ -3,12 +3,15 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This controls whether DOS style hidden files
|
||||
should be mapped to the UNIX world execute bit.</para>
|
||||
<para>
|
||||
This controls whether DOS style hidden files should be mapped to the UNIX world execute bit.
|
||||
</para>
|
||||
|
||||
<para>Note that this requires the <smbconfoption name="create mask"/>
|
||||
to be set such that the world execute bit is not masked out (i.e.
|
||||
it must include 001). See the parameter <smbconfoption name="create mask"/> for details.</para>
|
||||
<para>
|
||||
Note that this requires the <smbconfoption name="create mask"/> to be set such that the world execute
|
||||
bit is not masked out (i.e. it must include 001). See the parameter <smbconfoption name="create mask"/>
|
||||
for details.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="boolean">no</value>
|
||||
|
@ -3,13 +3,15 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This controls whether DOS style system files
|
||||
should be mapped to the UNIX group execute bit.</para>
|
||||
<para>
|
||||
This controls whether DOS style system files should be mapped to the UNIX group execute bit.
|
||||
</para>
|
||||
|
||||
<para>Note that this requires the <smbconfoption name="create mask"/>
|
||||
to be set such that the group execute bit is not masked out (i.e.
|
||||
it must include 010). See the parameter <smbconfoption name="create mask"/>
|
||||
for details.</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
<para>
|
||||
Note that this requires the <smbconfoption name="create mask"/> to be set such that the group
|
||||
execute bit is not masked out (i.e. it must include 010). See the parameter
|
||||
<smbconfoption name="create mask"/> for details.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,10 +3,14 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para> This controls if new filenames are created
|
||||
with the case that the client passes, or if they are forced to
|
||||
be the <smbconfoption name="default case"/>.</para>
|
||||
<para>See the section on <link linkend="NAMEMANGLINGSECT">NAME MANGLING</link> for a fuller discussion.</para>
|
||||
<para>
|
||||
This controls if new filenames are created with the case that the client passes, or if
|
||||
they are forced to be the <smbconfoption name="default case"/>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
See the section on <link linkend="NAMEMANGLINGSECT">NAME MANGLING</link> for a fuller discussion.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">yes</value>
|
||||
|
@ -3,16 +3,16 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>If this parameter is set Samba no longer attempts to
|
||||
map DOS attributes like SYSTEM, HIDDEN, ARCHIVE or READ-ONLY
|
||||
to UNIX permission bits (such as the <smbconfoption name="map hidden"/>. Instead, DOS attributes will be stored onto an extended
|
||||
attribute in the UNIX filesystem, associated with the file or directory.
|
||||
For this to operate correctly, the parameters <smbconfoption name="map hidden"/>, <smbconfoption name="map system"/>, <smbconfoption name="map archive"/> must be set to off.
|
||||
This parameter writes the DOS attributes as a string into the
|
||||
extended attribute named "user.DOSATTRIB". This extended attribute
|
||||
is explicitly hidden from smbd clients requesting an EA list.
|
||||
On Linux the filesystem must have been mounted with the mount
|
||||
option user_xattr in order for extended attributes to work, also
|
||||
<para>
|
||||
If this parameter is set Samba no longer attempts to map DOS attributes like SYSTEM, HIDDEN,
|
||||
ARCHIVE or READ-ONLY to UNIX permission bits (such as the <smbconfoption name="map hidden"/>.
|
||||
Instead, DOS attributes will be stored onto an extended attribute in the UNIX filesystem,
|
||||
associated with the file or directory. For this to operate correctly, the parameters
|
||||
<smbconfoption name="map hidden"/>, <smbconfoption name="map system"/>,
|
||||
<smbconfoption name="map archive"/> must be set to off. This parameter writes the DOS
|
||||
attributes as a string into the extended attribute named "user.DOSATTRIB". This extended attribute
|
||||
is explicitly hidden from smbd clients requesting an EA list.i On Linux the filesystem must have
|
||||
been mounted with the mount option user_xattr in order for extended attributes to work, also
|
||||
extended attributes must be compiled into the Linux kernel.
|
||||
</para>
|
||||
</description>
|
||||
|
@ -3,34 +3,36 @@
|
||||
type="string"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is a list of files and directories that
|
||||
are neither visible nor accessible. Each entry in the list must
|
||||
be separated by a '/', which allows spaces to be included
|
||||
in the entry. '*' and '?' can be used to specify multiple files
|
||||
or directories as in DOS wildcards.</para>
|
||||
<para>
|
||||
This is a list of files and directories that are neither visible nor accessible. Each entry in
|
||||
the list must be separated by a '/', which allows spaces to be included in the entry. '*' and '?'
|
||||
can be used to specify multiple files or directories as in DOS wildcards.
|
||||
</para>
|
||||
|
||||
<para>Each entry must be a unix path, not a DOS path and
|
||||
must <emphasis>not</emphasis> include the unix directory
|
||||
separator '/'.</para>
|
||||
<para>
|
||||
Each entry must be a unix path, not a DOS path and must <emphasis>not</emphasis> include the
|
||||
unix directory separator '/'.
|
||||
</para>
|
||||
|
||||
<para>Note that the <smbconfoption name="case sensitive"/> option
|
||||
is applicable in vetoing files.</para>
|
||||
<para>
|
||||
Note that the <smbconfoption name="case sensitive"/> option is applicable in vetoing files.
|
||||
</para>
|
||||
|
||||
<para>One feature of the veto files parameter that it
|
||||
is important to be aware of is Samba's behaviour when
|
||||
trying to delete a directory. If a directory that is
|
||||
to be deleted contains nothing but veto files this
|
||||
deletion will <emphasis>fail</emphasis> unless you also set
|
||||
the <smbconfoption name="delete veto files"/> parameter to
|
||||
<parameter moreinfo="none">yes</parameter>.</para>
|
||||
<para>
|
||||
One feature of the veto files parameter that it is important to be aware of is Samba's behaviour when
|
||||
trying to delete a directory. If a directory that is to be deleted contains nothing but veto files this
|
||||
deletion will <emphasis>fail</emphasis> unless you also set the <smbconfoption name="delete veto files"/>
|
||||
parameter to <parameter moreinfo="none">yes</parameter>.
|
||||
</para>
|
||||
|
||||
<para>Setting this parameter will affect the performance
|
||||
of Samba, as it will be forced to check all files and directories
|
||||
for a match as they are scanned.</para>
|
||||
<para>
|
||||
Setting this parameter will affect the performance of Samba, as it will be forced to check all files
|
||||
and directories for a match as they are scanned.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Examples of use include:
|
||||
<screen>
|
||||
<programlisting>
|
||||
; Veto any files containing the word Security,
|
||||
; any ending in .tmp, and any directory containing the
|
||||
; word root.
|
||||
@ -39,7 +41,7 @@ veto files = /*Security*/*.tmp/*root*/
|
||||
; Veto the Apple specific files that a NetAtalk server
|
||||
; creates.
|
||||
veto files = /.AppleDouble/.bin/.AppleDesktop/Network Trash Folder/
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</description>
|
||||
|
@ -3,28 +3,29 @@
|
||||
type="string"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter is only valid when the
|
||||
<smbconfoption name="oplocks"/>
|
||||
<para>
|
||||
This parameter is only valid when the <smbconfoption name="oplocks"/>
|
||||
parameter is turned on for a share. It allows the Samba administrator
|
||||
to selectively turn off the granting of oplocks on selected files that
|
||||
match a wildcarded list, similar to the wildcarded list used in the
|
||||
<smbconfoption name="veto files"/>
|
||||
parameter.</para>
|
||||
<smbconfoption name="veto files"/> parameter.
|
||||
</para>
|
||||
|
||||
|
||||
<para>You might want to do this on files that you know will
|
||||
be heavily contended for by clients. A good example of this
|
||||
is in the NetBench SMB benchmark program, which causes heavy
|
||||
client contention for files ending in <filename moreinfo="none">.SEM</filename>.
|
||||
To cause Samba not to grant oplocks on these files you would use
|
||||
the line (either in the [global] section or in the section for
|
||||
the particular NetBench share :</para>
|
||||
<para>
|
||||
You might want to do this on files that you know will be heavily contended
|
||||
for by clients. A good example of this is in the NetBench SMB benchmark
|
||||
program, which causes heavy client contention for files ending in
|
||||
<filename moreinfo="none">.SEM</filename>. To cause Samba not to grant
|
||||
oplocks on these files you would use the line (either in the [global]
|
||||
section or in the section for the particular NetBench share.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
An example of use is:
|
||||
<screen>
|
||||
<programlisting>
|
||||
veto oplock files = /.*SEM/
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
</description>
|
||||
<value type="default"><comment>No files are vetoed for oplock grants</comment></value>
|
||||
|
@ -7,7 +7,7 @@
|
||||
<para> This parameter specifies whether a delete
|
||||
operation in the ldapsam deletes the complete entry or only the attributes
|
||||
specific to Samba.
|
||||
</para>
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">no</value>
|
||||
|
@ -4,11 +4,11 @@
|
||||
type="string"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameters specifies the suffix that is
|
||||
used when storing idmap mappings. If this parameter
|
||||
is unset, the value of <smbconfoption name="ldap suffix"/>
|
||||
will be used instead. The suffix string is pre-pended to the
|
||||
<smbconfoption name="ldap suffix"/> string so use a partial DN.</para>
|
||||
<para>
|
||||
This parameters specifies the suffix that is used when storing idmap mappings. If this parameter
|
||||
is unset, the value of <smbconfoption name="ldap suffix"/> will be used instead. The suffix
|
||||
string is pre-pended to the <smbconfoption name="ldap suffix"/> string so use a partial DN.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default"></value>
|
||||
<value type="example">ou=Idmap</value>
|
||||
|
@ -3,13 +3,15 @@
|
||||
context="G"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter is only available if Samba has been
|
||||
configure to include the <command moreinfo="none">--with-ldapsam</command> option
|
||||
at compile time.</para>
|
||||
<para>
|
||||
This parameter is only available if Samba has been configure to include the
|
||||
<command moreinfo="none">--with-ldapsam</command> option at compile time.
|
||||
</para>
|
||||
|
||||
<para>This option is used to control the tcp port number used to contact
|
||||
the <smbconfoption name="ldap server"/>.
|
||||
The default is to use the stand LDAPS port 636.</para>
|
||||
<para>
|
||||
This option is used to control the tcp port number used to contact the
|
||||
<smbconfoption name="ldap server"/>. The default is to use the stand LDAPS port 636.
|
||||
</para>
|
||||
</description>
|
||||
<related>ldap ssl</related>
|
||||
<value type="default">636<comment>if ldap ssl = on</comment></value>
|
||||
|
@ -4,20 +4,22 @@
|
||||
type="integer"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>When Samba is asked to write to a read-only LDAP
|
||||
replica, we are redirected to talk to the read-write master server.
|
||||
This server then replicates our changes back to the 'local' server,
|
||||
however the replication might take some seconds, especially over slow
|
||||
links. Certain client activities, particularly domain joins, can become
|
||||
confused by the 'success' that does not immediately change the LDAP
|
||||
back-end's data. </para>
|
||||
<para>This option simply causes Samba to wait a short time, to
|
||||
allow the LDAP server to catch up. If you have a particularly
|
||||
high-latency network, you may wish to time the LDAP replication with a
|
||||
network sniffer, and increase this value accordingly. Be aware that no
|
||||
checking is performed that the data has actually replicated.</para>
|
||||
<para>The value is specified in milliseconds, the maximum
|
||||
value is 5000 (5 seconds).</para>
|
||||
<para>
|
||||
When Samba is asked to write to a read-only LDAP replica, we are redirected to talk to the read-write master server.
|
||||
This server then replicates our changes back to the 'local' server, however the replication might take some seconds,
|
||||
especially over slow links. Certain client activities, particularly domain joins, can become confused by the 'success'
|
||||
that does not immediately change the LDAP back-end's data.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
This option simply causes Samba to wait a short time, to allow the LDAP server to catch up. If you have a particularly
|
||||
high-latency network, you may wish to time the LDAP replication with a network sniffer, and increase this value accordingly.
|
||||
Be aware that no checking is performed that the data has actually replicated.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The value is specified in milliseconds, the maximum value is 5000 (5 seconds).
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">1000</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,12 +4,11 @@
|
||||
type="integer"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>When Samba connects to an ldap server that server
|
||||
may be down or unreachable. To prevent Samba from hanging whilst
|
||||
waiting for the connection this parameter specifies in seconds how
|
||||
long Samba should wait before failing the connect. The default is
|
||||
to only wait fifteen seconds for the ldap server to respond to the
|
||||
connect request.</para>
|
||||
<para>
|
||||
When Samba connects to an ldap server that servermay be down or unreachable. To prevent Samba from hanging whilst
|
||||
waiting for the connection this parameter specifies in seconds how long Samba should wait before failing the
|
||||
connect. The default is to only wait fifteen seconds for the ldap server to respond to the connect request.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">15</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,10 +4,11 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter specifies where users are added to the tree.
|
||||
If this parameter is unset, the value of <smbconfoption
|
||||
name="ldap suffix"/> will be used instead. The suffix string is pre-pended to the
|
||||
<smbconfoption name="ldap suffix"/> string so use a partial DN.</para>
|
||||
<para>
|
||||
This parameter specifies where users are added to the tree. If this parameter is unset,
|
||||
the value of <smbconfoption name="ldap suffix"/> will be used instead. The suffix
|
||||
string is pre-pended to the <smbconfoption name="ldap suffix"/> string so use a partial DN.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default"/>
|
||||
|
@ -3,15 +3,19 @@
|
||||
type="enum"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This stands for <emphasis>client-side caching
|
||||
policy</emphasis>, and specifies how clients capable of offline
|
||||
caching will cache the files in the share. The valid values
|
||||
are: manual, documents, programs, disable.</para>
|
||||
<para>
|
||||
This stands for <emphasis>client-side caching policy</emphasis>, and specifies how clients capable of offline
|
||||
caching will cache the files in the share. The valid values are: manual, documents, programs, disable.
|
||||
</para>
|
||||
|
||||
<para>These values correspond to those used on Windows servers.</para>
|
||||
<para>
|
||||
These values correspond to those used on Windows servers.
|
||||
</para>
|
||||
|
||||
<para>For example, shares containing roaming profiles can have
|
||||
offline caching disabled using <smbconfoption name="csc policy">disable</smbconfoption>.</para>
|
||||
<para>
|
||||
For example, shares containing roaming profiles can have offline caching disabled using
|
||||
<smbconfoption name="csc policy">disable</smbconfoption>.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">manual</value>
|
||||
<value type="example">programs</value>
|
||||
|
@ -11,7 +11,7 @@
|
||||
in case the lock could later be acquired. This behavior
|
||||
is used to support PC database formats such as MS Access
|
||||
and FoxPro.
|
||||
</para>
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">3</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,16 +3,16 @@
|
||||
type="integer"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is a tuning parameter added due to bugs in
|
||||
both Windows 9x and WinNT. If Samba responds to a client too
|
||||
quickly when that client issues an SMB that can cause an oplock
|
||||
break request, then the network client can fail and not respond
|
||||
to the break request. This tuning parameter (which is set in milliseconds)
|
||||
is the amount of time Samba will wait before sending an oplock break
|
||||
request to such (broken) clients.</para>
|
||||
<para>
|
||||
This is a tuning parameter added due to bugs in both Windows 9x and WinNT. If Samba responds to a client too
|
||||
quickly when that client issues an SMB that can cause an oplock break request, then the network client can
|
||||
fail and not respond to the break request. This tuning parameter (which is set in milliseconds) is the amount
|
||||
of time Samba will wait before sending an oplock break request to such (broken) clients.
|
||||
</para>
|
||||
|
||||
<warning><para>DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND
|
||||
UNDERSTOOD THE SAMBA OPLOCK CODE.</para></warning>
|
||||
</description>
|
||||
<value type="default">0</value>
|
||||
<warning><para>
|
||||
DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE.
|
||||
</para></warning>
|
||||
</description>
|
||||
<value type="default">0</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,20 +3,23 @@
|
||||
type="integer"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is a <emphasis>very</emphasis> advanced
|
||||
<citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> tuning option to
|
||||
improve the efficiency of the granting of oplocks under multiple
|
||||
client contention for the same file.</para>
|
||||
<para>
|
||||
This is a <emphasis>very</emphasis> advanced <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> tuning option to improve the efficiency of the
|
||||
granting of oplocks under multiple client contention for the same file.
|
||||
</para>
|
||||
|
||||
<para>In brief it specifies a number, which causes <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>not to grant an oplock even when requested
|
||||
if the approximate number of clients contending for an oplock on the same file goes over this
|
||||
<para>
|
||||
In brief it specifies a number, which causes <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>not to grant an oplock even when requested if the
|
||||
approximate number of clients contending for an oplock on the same file goes over this
|
||||
limit. This causes <command moreinfo="none">smbd</command> to behave in a similar
|
||||
way to Windows NT.</para>
|
||||
way to Windows NT.
|
||||
</para>
|
||||
|
||||
<warning><para>DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ
|
||||
AND UNDERSTOOD THE SAMBA OPLOCK CODE.</para></warning>
|
||||
<warning><para>
|
||||
DO NOT CHANGE THIS PARAMETER UNLESS YOU HAVE READ AND UNDERSTOOD THE SAMBA OPLOCK CODE.
|
||||
</para></warning>
|
||||
|
||||
</description>
|
||||
<value type="default">2</value>
|
||||
|
@ -3,22 +3,26 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This boolean option tells <command moreinfo="none">smbd</command> whether to
|
||||
<para>
|
||||
This boolean option tells <command moreinfo="none">smbd</command> whether to
|
||||
issue oplocks (opportunistic locks) to file open requests on this
|
||||
share. The oplock code can dramatically (approx. 30% or more) improve
|
||||
the speed of access to files on Samba servers. It allows the clients
|
||||
to aggressively cache files locally and you may want to disable this
|
||||
option for unreliable network environments (it is turned on by
|
||||
default in Windows NT Servers). For more information see the file
|
||||
<filename moreinfo="none">Speed.txt</filename> in the Samba <filename moreinfo="none">docs/</filename>
|
||||
directory.</para>
|
||||
<filename moreinfo="none">Speed.txt</filename> in the Samba
|
||||
<filename moreinfo="none">docs/</filename> directory.
|
||||
</para>
|
||||
|
||||
<para>Oplocks may be selectively turned off on certain files with a
|
||||
share. See the <smbconfoption name="veto oplock files"/> parameter. On some systems
|
||||
<para>
|
||||
Oplocks may be selectively turned off on certain files with a share. See
|
||||
the <smbconfoption name="veto oplock files"/> parameter. On some systems
|
||||
oplocks are recognized by the underlying operating system. This
|
||||
allows data synchronization between all access to oplocked files,
|
||||
whether it be via Samba or NFS or a local UNIX process. See the
|
||||
<parameter moreinfo="none">kernel oplocks</parameter> parameter for details.</para>
|
||||
<smbconfoption name="kernel oplocks"/> parameter for details.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>kernel oplocks</related>
|
||||
|
@ -3,14 +3,13 @@
|
||||
context="S"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>The <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>
|
||||
daemon maintains an database of file locks obtained by SMB clients.
|
||||
The default behavior is to map this internal database to POSIX
|
||||
locks. This means that file locks obtained by SMB clients are
|
||||
consistent with those seen by POSIX compliant applications accessing
|
||||
the files via a non-SMB method (e.g. NFS or local file access).
|
||||
You should never need to disable this parameter.</para>
|
||||
<para>
|
||||
The <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
|
||||
daemon maintains an database of file locks obtained by SMB clients. The default behavior is
|
||||
to map this internal database to POSIX locks. This means that file locks obtained by SMB clients are
|
||||
consistent with those seen by POSIX compliant applications accessing the files via a non-SMB
|
||||
method (e.g. NFS or local file access). You should never need to disable this parameter.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">yes</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,17 +3,20 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is a boolean that controls the handling of
|
||||
file locking in the server. When this is set to <constant>yes</constant>,
|
||||
the server will check every read and write access for file locks, and
|
||||
deny access if locks exist. This can be slow on some systems.</para>
|
||||
<para>
|
||||
This is a boolean that controls the handling of file locking in the server. When this is set to <constant>yes</constant>,
|
||||
the server will check every read and write access for file locks, and deny access if locks exist. This can be slow on
|
||||
some systems.
|
||||
</para>
|
||||
|
||||
<para>When strict locking is disabled, the server performs file
|
||||
lock checks only when the client explicitly asks for them.</para>
|
||||
<para>
|
||||
When strict locking is disabled, the server performs file lock checks only when the client explicitly asks for them.
|
||||
</para>
|
||||
|
||||
<para>Well-behaved clients always ask for lock checks when it
|
||||
is important. So in the vast majority of cases, <command moreinfo="none">strict
|
||||
locking = no</command> is acceptable.</para>
|
||||
</description>
|
||||
<value type="default">yes</value>
|
||||
<para>
|
||||
Well-behaved clients always ask for lock checks when it is important. So in the vast majority of cases,
|
||||
<command moreinfo="none">strict locking = no</command> is acceptable.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">yes</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,14 +4,14 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>Sometimes the timestamps in the log messages
|
||||
are needed with a resolution of higher that seconds, this
|
||||
boolean parameter adds microsecond resolution to the timestamp
|
||||
message header when turned on.</para>
|
||||
<para>
|
||||
Sometimes the timestamps in the log messages are needed with a resolution of higher that seconds, this
|
||||
boolean parameter adds microsecond resolution to the timestamp message header when turned on.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an
|
||||
effect.</para>
|
||||
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an effect.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
|
@ -4,15 +4,16 @@
|
||||
developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>When using only one log file for more then one forked
|
||||
<citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>-process there may be hard to
|
||||
follow which process outputs which message. This boolean parameter
|
||||
is adds the process-id to the timestamp message headers in the
|
||||
logfile when turned on.</para>
|
||||
<para>
|
||||
When using only one log file for more then one forked <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>-process there may be hard to follow which process outputs which
|
||||
message. This boolean parameter is adds the process-id to the timestamp message headers in the
|
||||
logfile when turned on.
|
||||
</para>
|
||||
|
||||
<para>Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an
|
||||
effect.</para>
|
||||
<para>
|
||||
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an effect.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,12 +3,13 @@
|
||||
type="boolean"
|
||||
developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<synonym>timestamp logs</synonym>
|
||||
<synonym>timestamp logs</synonym>
|
||||
<description>
|
||||
<para>Samba debug log messages are timestamped
|
||||
by default. If you are running at a high <smbconfoption name="debug level"/> these timestamps
|
||||
can be distracting. This boolean parameter allows timestamping
|
||||
to be turned off.</para>
|
||||
<para>
|
||||
Samba debug log messages are timestamped by default. If you are running at a high
|
||||
<smbconfoption name="debug level"/> these timestamps can be distracting. This
|
||||
boolean parameter allows timestamping to be turned off.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">yes</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,13 +4,14 @@
|
||||
developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>Samba is sometimes run as root and sometime
|
||||
run as the connected user, this boolean parameter inserts the
|
||||
current euid, egid, uid and gid to the timestamp message headers
|
||||
in the log file if turned on.</para>
|
||||
<para>
|
||||
Samba is sometimes run as root and sometime run as the connected user, this boolean parameter inserts the
|
||||
current euid, egid, uid and gid to the timestamp message headers in the log file if turned on.
|
||||
</para>
|
||||
|
||||
<para>Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an
|
||||
effect.</para>
|
||||
<para>
|
||||
Note that the parameter <smbconfoption name="debug timestamp"/> must be on for this to have an effect.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,11 +4,13 @@
|
||||
developer="1" advanced="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This option allows you to override the name
|
||||
of the Samba log file (also known as the debug file).</para>
|
||||
<para>
|
||||
This option allows you to override the name of the Samba log file (also known as the debug file).
|
||||
</para>
|
||||
|
||||
<para>This option takes the standard substitutions, allowing
|
||||
you to have separate log files for each user or machine.</para>
|
||||
<para>
|
||||
This option takes the standard substitutions, allowing you to have separate log files for each user or machine.
|
||||
</para>
|
||||
</description>
|
||||
<value type="example">/usr/local/samba/var/log.%m</value>
|
||||
</samba:parameter>
|
||||
|
@ -5,15 +5,16 @@
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<synonym>debuglevel</synonym>
|
||||
<description>
|
||||
<para>The value of the parameter (a astring) allows
|
||||
the debug level (logging level) to be specified in the
|
||||
<filename moreinfo="none">smb.conf</filename> file. This parameter has been
|
||||
extended since the 2.2.x series, now it allow to specify the debug
|
||||
level for multiple debug classes. This is to give greater
|
||||
flexibility in the configuration of the system.</para>
|
||||
<para>
|
||||
The value of the parameter (a astring) allows the debug level (logging level) to be specified in the
|
||||
<filename moreinfo="none">smb.conf</filename> file. This parameter has been extended since the 2.2.x
|
||||
series, now it allow to specify the debug level for multiple debug classes. This is to give greater
|
||||
flexibility in the configuration of the system.
|
||||
</para>
|
||||
|
||||
<para>The default will be the log level specified on
|
||||
the command line or level zero if none was specified.</para>
|
||||
<para>
|
||||
The default will be the log level specified on the command line or level zero if none was specified.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="example">3 passdb:5 auth:10 winbind:2</value>
|
||||
|
@ -4,12 +4,14 @@
|
||||
developer="1" advanced="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This option (an integer in kilobytes) specifies
|
||||
the max size the log file should grow to. Samba periodically checks
|
||||
the size and if it is exceeded it will rename the file, adding
|
||||
a <filename moreinfo="none">.old</filename> extension.</para>
|
||||
<para>
|
||||
This option (an integer in kilobytes) specifies the max size the log file should grow to.
|
||||
Samba periodically checks the size and if it is exceeded it will rename the file, adding
|
||||
a <filename moreinfo="none">.old</filename> extension.
|
||||
</para>
|
||||
|
||||
<para>A size of 0 means no limit.</para>
|
||||
<para>A size of 0 means no limit.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">5000</value>
|
||||
<value type="default">1000</value>
|
||||
|
@ -4,17 +4,17 @@
|
||||
developer="1" advanced="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter maps how Samba debug messages
|
||||
are logged onto the system syslog logging levels. Samba debug
|
||||
level zero maps onto syslog <constant>LOG_ERR</constant>, debug
|
||||
level one maps onto <constant>LOG_WARNING</constant>, debug level
|
||||
two maps onto <constant>LOG_NOTICE</constant>, debug level three
|
||||
maps onto LOG_INFO. All higher levels are mapped to <constant>
|
||||
LOG_DEBUG</constant>.</para>
|
||||
<para>
|
||||
This parameter maps how Samba debug messages are logged onto the system syslog logging levels.
|
||||
Samba debug level zero maps onto syslog <constant>LOG_ERR</constant>, debug level one maps onto
|
||||
<constant>LOG_WARNING</constant>, debug level two maps onto <constant>LOG_NOTICE</constant>,
|
||||
debug level three maps onto LOG_INFO. All higher levels are mapped to <constant>LOG_DEBUG</constant>.
|
||||
</para>
|
||||
|
||||
<para>This parameter sets the threshold for sending messages
|
||||
to syslog. Only messages with debug level less than this value
|
||||
will be sent to syslog.</para>
|
||||
<para>
|
||||
This parameter sets the threshold for sending messages to syslog. Only messages with debug
|
||||
level less than this value will be sent to syslog.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">1</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,9 +4,10 @@
|
||||
developer="1" advanced="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>If this parameter is set then Samba debug
|
||||
messages are logged into the system syslog only, and not to
|
||||
the debug log files.</para>
|
||||
<para>
|
||||
If this parameter is set then Samba debug messages are logged into the system
|
||||
syslog only, and not to the debug log files.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
|
@ -4,39 +4,45 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is the full pathname to a script that will
|
||||
be run <emphasis>AS ROOT</emphasis> by <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> under special circumstances described below.</para>
|
||||
<para>
|
||||
This is the full pathname to a script that will be run <emphasis>AS ROOT</emphasis> by
|
||||
<citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
|
||||
under special circumstances described below.
|
||||
</para>
|
||||
|
||||
<para>Normally, a Samba server requires that UNIX users are
|
||||
created for all users accessing files on this server. For sites
|
||||
that use Windows NT account databases as their primary user database
|
||||
creating these users and keeping the user list in sync with the
|
||||
Windows NT PDC is an onerous task. This option allows smbd to create the required UNIX users
|
||||
<emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.</para>
|
||||
<para>
|
||||
Normally, a Samba server requires that UNIX users are created for all users accessing
|
||||
files on this server. For sites that use Windows NT account databases as their primary
|
||||
user database creating these users and keeping the user list in sync with the Windows
|
||||
NT PDC is an onerous task. This option allows smbd to create the required UNIX users
|
||||
<emphasis>ON DEMAND</emphasis> when a user accesses the Samba server.
|
||||
</para>
|
||||
|
||||
<para>In order to use this option, <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> must <emphasis>NOT</emphasis> be set to <parameter moreinfo="none">security = share</parameter>
|
||||
and <parameter moreinfo="none">add user script</parameter>
|
||||
must be set to a full pathname for a script that will create a UNIX
|
||||
user given one argument of <parameter moreinfo="none">%u</parameter>, which expands into
|
||||
the UNIX user name to create.</para>
|
||||
<para>
|
||||
In order to use this option, <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> must <emphasis>NOT</emphasis> be set to
|
||||
<smbconfoption name="security">share</smbconfoption> and <smbconfoption name="add user script"/>
|
||||
must be set to a full pathname for a script that will create a UNIX user given one argument of
|
||||
<parameter moreinfo="none">%u</parameter>, which expands into the UNIX user name to create.
|
||||
</para>
|
||||
|
||||
<para>When the Windows user attempts to access the Samba server,
|
||||
at login (session setup in the SMB protocol) time, <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> contacts the <parameter moreinfo="none">password server</parameter> and
|
||||
attempts to authenticate the given user with the given password. If the
|
||||
authentication succeeds then <command moreinfo="none">smbd</command>
|
||||
attempts to find a UNIX user in the UNIX password database to map the
|
||||
Windows user into. If this lookup fails, and <parameter moreinfo="none">add user script
|
||||
</parameter> is set then <command moreinfo="none">smbd</command> will
|
||||
call the specified script <emphasis>AS ROOT</emphasis>, expanding
|
||||
any <parameter moreinfo="none">%u</parameter> argument to be the user name to create.</para>
|
||||
<para>
|
||||
When the Windows user attempts to access the Samba server, at login (session setup in
|
||||
the SMB protocol) time, <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> contacts the <smbconfoption name="password server"/>
|
||||
and attempts to authenticate the given user with the given password. If the authentication
|
||||
succeeds then <command moreinfo="none">smbd</command> attempts to find a UNIX user in the UNIX
|
||||
password database to map the Windows user into. If this lookup fails, and
|
||||
<smbconfoption name="add user script"/> is set then <command moreinfo="none">smbd</command> will
|
||||
call the specified script <emphasis>AS ROOT</emphasis>, expanding any
|
||||
<parameter moreinfo="none">%u</parameter> argument to be the user name to create.
|
||||
</para>
|
||||
|
||||
<para>If this script successfully creates the user then <command moreinfo="none">smbd
|
||||
</command> will continue on as though the UNIX user
|
||||
already existed. In this way, UNIX users are dynamically created to
|
||||
match existing Windows NT accounts.</para>
|
||||
<para>
|
||||
If this script successfully creates the user then <command moreinfo="none">smbd</command> will
|
||||
continue on as though the UNIX user already existed. In this way, UNIX users are dynamically created to
|
||||
match existing Windows NT accounts.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
See also <smbconfoption name="security"/>, <smbconfoption name="password server"/>,
|
||||
|
@ -4,16 +4,17 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>Full path to the script that will be called when
|
||||
a user is added to a group using the Windows NT domain administration
|
||||
tools. It will be run by <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> <emphasis>AS ROOT</emphasis>.
|
||||
Any <parameter moreinfo="none">%g</parameter> will be replaced with the group name and
|
||||
<para>
|
||||
Full path to the script that will be called when a user is added to a group using the Windows NT domain administration
|
||||
tools. It will be run by <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
|
||||
<emphasis>AS ROOT</emphasis>. Any <parameter moreinfo="none">%g</parameter> will be replaced with the group name and
|
||||
any <parameter moreinfo="none">%u</parameter> will be replaced with the user name.
|
||||
</para>
|
||||
|
||||
<para>Note that the <command>adduser</command> command used in the example below does
|
||||
not support the used syntax on all systems. </para>
|
||||
<para>
|
||||
Note that the <command>adduser</command> command used in the example below does
|
||||
not support the used syntax on all systems.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default"></value>
|
||||
|
@ -38,18 +38,16 @@
|
||||
This option takes the standard substitutions, allowing you to have separate logon scripts for each user or machine.
|
||||
</para>
|
||||
|
||||
<warning>
|
||||
<para>
|
||||
Do not quote the value. Setting this as <quote>\\%N\profile\%U</quote>
|
||||
will break profile handling. Where the tdbsam or ldapsam passdb backend
|
||||
is used, at the time the user account is created the value configured
|
||||
for this parameter is written to the passdb backend and that value will
|
||||
over-ride the parameter value present in the smb.conf file. Any error
|
||||
present in the passdb backend account record must be editted using the
|
||||
appropriate tool (pdbedit on the command-line, or any other locally
|
||||
provided system tool.
|
||||
</para>
|
||||
</warning>
|
||||
<warning><para>
|
||||
Do not quote the value. Setting this as <quote>\\%N\profile\%U</quote>
|
||||
will break profile handling. Where the tdbsam or ldapsam passdb backend
|
||||
is used, at the time the user account is created the value configured
|
||||
for this parameter is written to the passdb backend and that value will
|
||||
over-ride the parameter value present in the smb.conf file. Any error
|
||||
present in the passdb backend account record must be editted using the
|
||||
appropriate tool (pdbedit on the command-line, or any other locally
|
||||
provided system tool.
|
||||
</para></warning>
|
||||
|
||||
<para>Note that this option is only useful if Samba is set up as a domain controller.</para>
|
||||
|
||||
@ -63,9 +61,9 @@
|
||||
|
||||
<para>
|
||||
An example of use is:
|
||||
<screen>
|
||||
<programlisting>
|
||||
logon path = \\PROFILESERVER\PROFILE\%U
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">\\%N\%U\profile</value>
|
||||
|
@ -15,17 +15,20 @@
|
||||
service specifies a <smbconfoption name="path"/> of <filename
|
||||
moreinfo="none">/usr/local/samba/netlogon</filename>, and <smbconfoption name="logon
|
||||
script">STARTUP.BAT</smbconfoption>, then the file that will be downloaded is:
|
||||
<screen>
|
||||
<programlisting>
|
||||
/usr/local/samba/netlogon/STARTUP.BAT
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The contents of the batch file are entirely your choice. A suggested command would be to add <command
|
||||
moreinfo="none">NET TIME \\SERVER /SET /YES</command>, to force every machine to synchronize clocks with the
|
||||
same time server. Another use would be to add <command moreinfo="none">NET USE U: \\SERVER\UTILS</command>
|
||||
for commonly used utilities, or <screen> <userinput>NET USE Q: \\SERVER\ISO9001_QA</userinput></screen> for
|
||||
example.
|
||||
for commonly used utilities, or
|
||||
<programlisting>
|
||||
<userinput>NET USE Q: \\SERVER\ISO9001_QA</userinput>
|
||||
</programlisting>
|
||||
for example.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
|
@ -49,8 +49,9 @@ let "time++"
|
||||
|
||||
/sbin/shutdown $3 $4 +$time $1 &
|
||||
</programlisting>
|
||||
Shutdown does not return so we need to launch it in background.
|
||||
</para>
|
||||
Shutdown does not return so we need to launch it in background.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<related>abort shutdown script</related>
|
||||
<value type="default"></value>
|
||||
|
@ -9,7 +9,7 @@
|
||||
the <parameter>path</parameter> parameter is a local AFS import. The
|
||||
special AFS features include the attempt to hand-craft an AFS token
|
||||
if you enabled --with-fake-kaserver in configure.
|
||||
</para>
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">no</value>
|
||||
|
@ -28,21 +28,23 @@
|
||||
<para>Note: Your script should <emphasis>NOT</emphasis> be setuid or
|
||||
setgid and should be owned by (and writeable only by) root!</para>
|
||||
|
||||
<para>Where the script dfree (which must be made executable) could be:</para>
|
||||
|
||||
<para><programlisting format="linespecific">
|
||||
<para>Where the script dfree (which must be made executable) could be:
|
||||
<programlisting format="linespecific">
|
||||
#!/bin/sh
|
||||
df $1 | tail -1 | awk '{print $2" "$4}'
|
||||
</programlisting></para>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>or perhaps (on Sys V based systems):</para>
|
||||
|
||||
<para><programlisting format="linespecific">
|
||||
<para>or perhaps (on Sys V based systems):
|
||||
<programlisting format="linespecific">
|
||||
#!/bin/sh
|
||||
/usr/bin/df -k $1 | tail -1 | awk '{print $3" "$5}'
|
||||
</programlisting></para>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>Note that you may have to replace the command names with full path names on some systems.</para>
|
||||
<para>
|
||||
Note that you may have to replace the command names with full path names on some systems.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default"><comment>By default internal routines for
|
||||
|
@ -3,19 +3,18 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter allows the Samba administrator
|
||||
to stop <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> from following symbolic
|
||||
links in a particular share. Setting this
|
||||
parameter to <constant>no</constant> prevents any file or directory
|
||||
that is a symbolic link from being followed (the user will get an
|
||||
error). This option is very useful to stop users from adding a
|
||||
symbolic link to <filename moreinfo="none">/etc/passwd</filename> in their home
|
||||
directory for instance. However it will slow filename lookups
|
||||
down slightly.</para>
|
||||
<para>
|
||||
This parameter allows the Samba administrator to stop <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> from following symbolic links in a particular share. Setting this
|
||||
parameter to <constant>no</constant> prevents any file or directory that is a symbolic link from being
|
||||
followed (the user will get an error). This option is very useful to stop users from adding a symbolic
|
||||
link to <filename moreinfo="none">/etc/passwd</filename> in their home directory for instance. However
|
||||
it will slow filename lookups down slightly.
|
||||
</para>
|
||||
|
||||
<para>This option is enabled (i.e. <command moreinfo="none">smbd</command> will
|
||||
follow symbolic links) by default.</para>
|
||||
<para>
|
||||
This option is enabled (i.e. <command moreinfo="none">smbd</command> will follow symbolic links) by default.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">yes</value>
|
||||
</samba:parameter>
|
||||
|
@ -3,14 +3,13 @@
|
||||
type="string"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter allows the administrator to
|
||||
configure the string that specifies the type of filesystem a share
|
||||
is using that is reported by <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> when a client queries the filesystem type
|
||||
for a share. The default type is <constant>NTFS</constant> for
|
||||
compatibility with Windows NT but this can be changed to other
|
||||
strings such as <constant>Samba</constant> or <constant>FAT
|
||||
</constant> if required.</para>
|
||||
<para>
|
||||
This parameter allows the administrator to configure the string that specifies the type of filesystem a share
|
||||
is using that is reported by <citerefentry><refentrytitle>smbd</refentrytitle> <manvolnum>8</manvolnum></citerefentry>
|
||||
when a client queries the filesystem type for a share. The default type is <constant>NTFS</constant> for compatibility
|
||||
with Windows NT but this can be changed to other strings such as <constant>Samba</constant> or <constant>FAT</constant>
|
||||
if required.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">NTFS</value>
|
||||
<value type="example">Samba</value>
|
||||
|
@ -4,23 +4,21 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>If <smbconfoption name="nis homedir"/> is <constant>yes</constant>,
|
||||
and <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> is also acting
|
||||
as a Win95/98 <parameter moreinfo="none">logon server</parameter> then this parameter
|
||||
specifies the NIS (or YP) map from which the server for the user's
|
||||
home directory should be extracted. At present, only the Sun
|
||||
auto.home map format is understood. The form of the map is:</para>
|
||||
|
||||
<para><command moreinfo="none">username server:/some/file/system</command></para>
|
||||
|
||||
<para>and the program will extract the servername from before
|
||||
the first ':'. There should probably be a better parsing system
|
||||
that copes with different map formats and also Amd (another
|
||||
automounter) maps.</para>
|
||||
<para>
|
||||
If <smbconfoption name="nis homedir"/> is <constant>yes</constant>, and <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> is also acting as a Win95/98 <parameter moreinfo="none">logon server</parameter>
|
||||
then this parameter specifies the NIS (or YP) map from which the server for the user's home directory should be extracted.
|
||||
At present, only the Sun auto.home map format is understood. The form of the map is:
|
||||
<programlisting>
|
||||
<command moreinfo="none">username server:/some/file/system</command>
|
||||
</programlisting>
|
||||
and the program will extract the servername from before the first ':'. There should probably be a better parsing system
|
||||
that copes with different map formats and also Amd (another automounter) maps.
|
||||
</para>
|
||||
|
||||
<note><para>A working NIS client is required on
|
||||
the system for this option to work.</para></note>
|
||||
<note><para>
|
||||
A working NIS client is required on the system for this option to work.
|
||||
</para></note>
|
||||
</description>
|
||||
<related>nis homedir</related>
|
||||
<related>domain logons</related>
|
||||
|
@ -4,13 +4,15 @@
|
||||
hide="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This allows you to include one config file
|
||||
inside another. The file is included literally, as though typed
|
||||
in place.</para>
|
||||
<para>
|
||||
This allows you to include one config file inside another. The file is included literally, as though typed
|
||||
in place.
|
||||
</para>
|
||||
|
||||
<para>It takes the standard substitutions, except <parameter moreinfo="none">%u
|
||||
</parameter>, <parameter moreinfo="none">%P</parameter> and <parameter moreinfo="none">%S</parameter>.
|
||||
</para>
|
||||
<para>
|
||||
It takes the standard substitutions, except <parameter moreinfo="none">%u</parameter>,
|
||||
<parameter moreinfo="none">%P</parameter> and <parameter moreinfo="none">%S</parameter>.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default"></value>
|
||||
|
@ -4,14 +4,13 @@
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>
|
||||
This parameter specifies the name of a file
|
||||
which will contain output created by a magic script (see the
|
||||
This parameter specifies the name of a file which will contain output created by a magic script (see the
|
||||
<smbconfoption name="magic script"/> parameter below).
|
||||
</para>
|
||||
|
||||
<warning><para>If two clients use the same <parameter moreinfo="none">magic script
|
||||
</parameter> in the same directory the output file content
|
||||
is undefined.</para></warning>
|
||||
<warning><para>If two clients use the same <parameter moreinfo="none">magic script
|
||||
</parameter> in the same directory the output file content is undefined.
|
||||
</para></warning>
|
||||
</description>
|
||||
|
||||
<value type="default"><magic script name>.out</value>
|
||||
|
@ -11,9 +11,10 @@
|
||||
deliver the message somehow. How this is to be done is
|
||||
up to your imagination.</para>
|
||||
|
||||
<para>An example is:</para>
|
||||
|
||||
<para><command moreinfo="none">message command = csh -c 'xedit %s;rm %s' &</command>
|
||||
<para>An example is:
|
||||
<programlisting>
|
||||
<command moreinfo="none">message command = csh -c 'xedit %s;rm %s' &</command>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>This delivers the message using <command moreinfo="none">xedit</command>, then
|
||||
@ -52,10 +53,12 @@
|
||||
takes your fancy. Please let us know of any really interesting
|
||||
ideas you have.</para>
|
||||
|
||||
<para>Here's a way of sending the messages as mail to root:</para>
|
||||
|
||||
<para><command moreinfo="none">message command = /bin/mail -s 'message from %f on
|
||||
%m' root < %s; rm %s</command></para>
|
||||
<para>
|
||||
Here's a way of sending the messages as mail to root:
|
||||
<programlisting>
|
||||
<command moreinfo="none">message command = /bin/mail -s 'message from %f on %m' root < %s; rm %s</command>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>If you don't have a message command then the message
|
||||
won't be delivered and Samba will tell the sender there was
|
||||
@ -63,9 +66,13 @@
|
||||
and carries on regardless, saying that the message was delivered.
|
||||
</para>
|
||||
|
||||
<para>If you want to silently delete it then try:</para>
|
||||
|
||||
<para><command moreinfo="none">message command = rm %s</command></para>
|
||||
<para>
|
||||
If you want to silently delete it then try:
|
||||
<programlisting>
|
||||
<command moreinfo="none">message command = rm %s</command>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default"></value>
|
||||
<value type="example">csh -c 'xedit %s; rm %s' &</value>
|
||||
|
@ -8,7 +8,8 @@
|
||||
system command to be called when either <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> or <citerefentry><refentrytitle>smbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> crashes. This is usually used to
|
||||
draw attention to the fact that a problem occurred.</para>
|
||||
draw attention to the fact that a problem occurred.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default"></value>
|
||||
|
@ -4,8 +4,9 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This option specifies the directory where pid
|
||||
files will be placed. </para>
|
||||
<para>
|
||||
This option specifies the directory where pid files will be placed.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">${prefix}/var/locks</value>
|
||||
|
@ -4,8 +4,10 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This boolean option controls whether a non-zero
|
||||
return code from <smbconfoption name="preexec"/> should close the service being connected to.</para>
|
||||
<para>
|
||||
This boolean option controls whether a non-zero return code from <smbconfoption name="preexec"/>
|
||||
should close the service being connected to.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">no</value>
|
||||
|
@ -4,28 +4,34 @@
|
||||
type="list"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
|
||||
<para>
|
||||
This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry>to periodically announce itself
|
||||
to arbitrary IP addresses with an arbitrary workgroup name.</para>
|
||||
to arbitrary IP addresses with an arbitrary workgroup name.
|
||||
</para>
|
||||
|
||||
<para>This is useful if you want your Samba server to appear
|
||||
in a remote workgroup for which the normal browse propagation
|
||||
rules don't work. The remote workgroup can be anywhere that you
|
||||
can send IP packets to.</para>
|
||||
<para>
|
||||
This is useful if you want your Samba server to appear in a remote workgroup for
|
||||
which the normal browse propagation rules don't work. The remote workgroup can be
|
||||
anywhere that you can send IP packets to.
|
||||
</para>
|
||||
|
||||
<para>For example:</para>
|
||||
<para>
|
||||
For example:
|
||||
<programlisting>
|
||||
<command moreinfo="none">remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF</command>
|
||||
</programlisting>
|
||||
the above line would cause <command moreinfo="none">nmbd</command> to announce itself
|
||||
to the two given IP addresses using the given workgroup names. If you leave out the
|
||||
workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter
|
||||
is used instead.
|
||||
</para>
|
||||
|
||||
<para><command moreinfo="none">remote announce = 192.168.2.255/SERVERS
|
||||
192.168.4.255/STAFF</command></para>
|
||||
|
||||
<para>the above line would cause <command moreinfo="none">nmbd</command> to announce itself
|
||||
to the two given IP addresses using the given workgroup names.
|
||||
If you leave out the workgroup name then the one given in
|
||||
the <smbconfoption name="workgroup"/> parameter is used instead.</para>
|
||||
|
||||
<para>The IP addresses you choose would normally be the broadcast
|
||||
addresses of the remote networks, but can also be the IP addresses
|
||||
of known browse masters if your network config is that stable.</para>
|
||||
<para>
|
||||
The IP addresses you choose would normally be the broadcast addresses of the remote
|
||||
networks, but can also be the IP addresses of known browse masters if your network
|
||||
config is that stable.
|
||||
</para>
|
||||
|
||||
<para>See <smbconfoption name="NetworkBrowsing"/>.</para>
|
||||
</description>
|
||||
|
@ -4,32 +4,40 @@
|
||||
type="list"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
|
||||
<para>
|
||||
This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
|
||||
<manvolnum>8</manvolnum></citerefentry> to periodically request
|
||||
synchronization of browse lists with the master browser of a Samba
|
||||
server that is on a remote segment. This option will allow you to
|
||||
gain browse lists for multiple workgroups across routed networks. This
|
||||
is done in a manner that does not work with any non-Samba servers.</para>
|
||||
is done in a manner that does not work with any non-Samba servers.
|
||||
</para>
|
||||
|
||||
<para>This is useful if you want your Samba server and all local
|
||||
<para>
|
||||
This is useful if you want your Samba server and all local
|
||||
clients to appear in a remote workgroup for which the normal browse
|
||||
propagation rules don't work. The remote workgroup can be anywhere
|
||||
that you can send IP packets to.</para>
|
||||
that you can send IP packets to.
|
||||
</para>
|
||||
|
||||
<para>For example:</para>
|
||||
|
||||
<para><command moreinfo="none">remote browse sync = 192.168.2.255 192.168.4.255</command></para>
|
||||
|
||||
<para>the above line would cause <command moreinfo="none">nmbd</command> to request
|
||||
<para>
|
||||
For example:
|
||||
<programlisting>
|
||||
<command moreinfo="none">remote browse sync = 192.168.2.255 192.168.4.255</command>
|
||||
</programlisting>
|
||||
the above line would cause <command moreinfo="none">nmbd</command> to request
|
||||
the master browser on the specified subnets or addresses to
|
||||
synchronize their browse lists with the local server.</para>
|
||||
synchronize their browse lists with the local server.
|
||||
</para>
|
||||
|
||||
<para>The IP addresses you choose would normally be the broadcast
|
||||
<para>
|
||||
The IP addresses you choose would normally be the broadcast
|
||||
addresses of the remote networks, but can also be the IP addresses
|
||||
of known browse masters if your network config is that stable. If
|
||||
a machine IP address is given Samba makes NO attempt to validate
|
||||
that the remote machine is available, is listening, nor that it
|
||||
is in fact the browse master on its segment.</para>
|
||||
is in fact the browse master on its segment.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default"></value>
|
||||
|
@ -4,10 +4,11 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is the same as the <parameter moreinfo="none">postexec</parameter>
|
||||
parameter except that the command is run as root. This
|
||||
is useful for unmounting filesystems
|
||||
(such as CDROMs) after a connection is closed.</para>
|
||||
<para>
|
||||
This is the same as the <parameter moreinfo="none">postexec</parameter>
|
||||
parameter except that the command is run as root. This is useful for
|
||||
unmounting filesystems (such as CDROMs) after a connection is closed.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>postexec</related>
|
||||
|
@ -4,10 +4,11 @@
|
||||
advanced="1" wizard="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is the same as the <parameter moreinfo="none">preexec</parameter>
|
||||
parameter except that the command is run as root. This
|
||||
is useful for mounting filesystems (such as CDROMs) when a
|
||||
connection is opened.</para>
|
||||
<para>
|
||||
This is the same as the <parameter moreinfo="none">preexec</parameter>
|
||||
parameter except that the command is run as root. This is useful for
|
||||
mounting filesystems (such as CDROMs) when a connection is opened.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>preexec</related>
|
||||
|
@ -3,13 +3,16 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>If <command moreinfo="none">set directory = no</command>, then
|
||||
users of the service may not use the setdir command to change
|
||||
directory.</para>
|
||||
<para>
|
||||
If <command moreinfo="none">set directory = no</command>, then users of the
|
||||
service may not use the setdir command to change directory.
|
||||
</para>
|
||||
|
||||
<para>The <command moreinfo="none">setdir</command> command is only implemented
|
||||
<para>
|
||||
The <command moreinfo="none">setdir</command> command is only implemented
|
||||
in the Digital Pathworks client. See the Pathworks documentation
|
||||
for details.</para>
|
||||
for details.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">no</value>
|
||||
|
@ -3,19 +3,20 @@
|
||||
type="boolean"
|
||||
developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This boolean parameter is only available if
|
||||
Samba has been configured and compiled with the option <command moreinfo="none">
|
||||
--with-utmp</command>. If set to <constant>yes</constant> then Samba will attempt
|
||||
to add utmp or utmpx records (depending on the UNIX system) whenever a
|
||||
connection is made to a Samba server. Sites may use this to record the
|
||||
user connecting to a Samba share.</para>
|
||||
<description>
|
||||
<para>
|
||||
This boolean parameter is only available if Samba has been configured and compiled
|
||||
with the option <command moreinfo="none">--with-utmp</command>. If set to
|
||||
<constant>yes</constant> then Samba will attempt to add utmp or utmpx records
|
||||
(depending on the UNIX system) whenever a connection is made to a Samba server.
|
||||
Sites may use this to record the user connecting to a Samba share.
|
||||
</para>
|
||||
|
||||
<para>Due to the requirements of the utmp record, we
|
||||
are required to create a unique identifier for the
|
||||
incoming user. Enabling this option creates an n^2
|
||||
algorithm to find this number. This may impede
|
||||
performance on large installations. </para>
|
||||
<para>
|
||||
Due to the requirements of the utmp record, we are required to create a unique
|
||||
identifier for the incoming user. Enabling this option creates an n^2 algorithm
|
||||
to find this number. This may impede performance on large installations.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>utmp directory</related>
|
||||
|
@ -4,19 +4,17 @@
|
||||
advanced="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter is only available if Samba has
|
||||
been configured and compiled with the option <command moreinfo="none">
|
||||
--with-utmp</command>. It specifies a directory pathname that is
|
||||
used to store the wtmp or wtmpx files (depending on the UNIX system) that
|
||||
record user connections to a Samba server. The difference with
|
||||
the utmp directory is the fact that user info is kept after a user
|
||||
has logged out.</para>
|
||||
<para>
|
||||
This parameter is only available if Samba has been configured and compiled with the option <command moreinfo="none">
|
||||
--with-utmp</command>. It specifies a directory pathname that is used to store the wtmp or wtmpx files (depending on
|
||||
the UNIX system) that record user connections to a Samba server. The difference with the utmp directory is the fact
|
||||
that user info is kept after a user has logged out.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
By default this is
|
||||
not set, meaning the system will use whatever utmp file the
|
||||
native system is set to use (usually
|
||||
<filename moreinfo="none">/var/run/wtmp</filename> on Linux).</para>
|
||||
<para>
|
||||
By default this is not set, meaning the system will use whatever utmp file the native system is set to use (usually
|
||||
<filename moreinfo="none">/var/run/wtmp</filename> on Linux).
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>utmp</related>
|
||||
|
@ -5,17 +5,20 @@
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>
|
||||
This parameter is only applicable if <smbconfoption name="printing"/> is
|
||||
This parameter is only applicable if <smbconfoption name="printing"/> is
|
||||
set to <constant>cups</constant>. Its value is a free form string of options
|
||||
passed directly to the cups library.
|
||||
</para>
|
||||
|
||||
<para>You can pass any generic print option known to CUPS (as listed
|
||||
<para>
|
||||
You can pass any generic print option known to CUPS (as listed
|
||||
in the CUPS "Software Users' Manual"). You can also pass any printer
|
||||
specific option (as listed in "lpoptions -d printername -l")
|
||||
valid for the target queue.</para>
|
||||
valid for the target queue.
|
||||
</para>
|
||||
|
||||
<para>You should set this parameter to <constant>raw</constant> if your CUPS server
|
||||
<para>
|
||||
You should set this parameter to <constant>raw</constant> if your CUPS server
|
||||
<filename>error_log</filename> file contains messages such as
|
||||
"Unsupported format 'application/octet-stream'" when printing from a Windows client
|
||||
through Samba. It is no longer necessary to enable
|
||||
|
@ -4,12 +4,14 @@
|
||||
print="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter is only applicable if <smbconfoption name="printing"/> is set to <constant>cups</constant>.
|
||||
<para>
|
||||
This parameter is only applicable if <smbconfoption name="printing"/> is set to <constant>cups</constant>.
|
||||
</para>
|
||||
|
||||
<para>If set, this option overrides the ServerName option in the CUPS
|
||||
<filename>client.conf</filename>. This is necessary if you have virtual
|
||||
samba servers that connect to different CUPS daemons.</para>
|
||||
<para>
|
||||
If set, this option overrides the ServerName option in the CUPS <filename>client.conf</filename>. This is
|
||||
necessary if you have virtual samba servers that connect to different CUPS daemons.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">""</value>
|
||||
|
@ -24,7 +24,7 @@
|
||||
been executed, <command moreinfo="none">smbd</command> will reparse the <filename moreinfo="none">
|
||||
smb.conf</filename> to associated printer no longer exists.
|
||||
If the sharename is still valid, then <command moreinfo="none">smbd
|
||||
</command> will return an ACCESS_DENIED error to the client.</para>
|
||||
</command> will return an ACCESS_DENIED error to the client.</para>
|
||||
</description>
|
||||
|
||||
<related>addprinter command</related>
|
||||
|
@ -17,7 +17,7 @@
|
||||
can define <parameter moreinfo="none">enumports command</parameter> to point to
|
||||
a program which should generate a list of ports, one per line,
|
||||
to standard output. This listing will then be used in response
|
||||
to the level 1 and 2 EnumPorts() RPC.</para>
|
||||
to the level 1 and 2 EnumPorts() RPC.</para>
|
||||
</description>
|
||||
|
||||
<value type="default"></value>
|
||||
|
@ -7,7 +7,7 @@
|
||||
<para>A boolean variable that controls whether all
|
||||
printers in the printcap will be loaded for browsing by default.
|
||||
See the <smbconfoption name="printers"/> section for
|
||||
more details.</para>
|
||||
more details.</para>
|
||||
</description>
|
||||
|
||||
<value type="default">yes</value>
|
||||
|
@ -29,7 +29,11 @@
|
||||
<related>printing</related>
|
||||
|
||||
<value type="default"><comment>Currently no default value is given to
|
||||
this string, unless the value of the <parameter moreinfo="none">printing</parameter>
|
||||
parameter is <constant>SYSV</constant>, in which case the default is : <command moreinfo="none">lp -i %p-%j -H hold</command> or if the value of the <parameter moreinfo="none">printing</parameter> parameter is <constant>SOFTQ</constant>, then the default is: <command moreinfo="none">qstat -s -j%j -h</command>. </comment></value>
|
||||
this string, unless the value of the <smbconfoption name="printing"/>
|
||||
parameter is <constant>SYSV</constant>, in which case the default is :
|
||||
<command moreinfo="none">lp -i %p-%j -H hold</command> or if the value of the
|
||||
<parameter moreinfo="none">printing</parameter> parameter is
|
||||
<constant>SOFTQ</constant>, then the default is:
|
||||
<command moreinfo="none">qstat -s -j%j -h</command>. </comment></value>
|
||||
<value type="example">/usr/bin/lpalt %p-%j -p0</value>
|
||||
</samba:parameter>
|
||||
|
@ -29,7 +29,7 @@
|
||||
<para><command moreinfo="none">lp -i %p-%j -H resume</command></para>
|
||||
|
||||
<para>or if the value of the <parameter moreinfo="none">printing</parameter> parameter
|
||||
is <constant>SOFTQ</constant>, then the default is:</para>
|
||||
is <constant>SOFTQ</constant>, then the default is:</para>
|
||||
|
||||
<para><command moreinfo="none">qstat -s -j%j -r</command></para>
|
||||
</description>
|
||||
|
@ -20,13 +20,13 @@
|
||||
|
||||
<para>
|
||||
Examples of use are:
|
||||
<screen>
|
||||
<programlisting>
|
||||
lprm command = /usr/bin/lprm -P%p %j
|
||||
|
||||
or
|
||||
|
||||
lprm command = /usr/bin/cancel %p-%j
|
||||
</screen>
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</description>
|
||||
|
@ -4,11 +4,12 @@
|
||||
print="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This parameter limits the maximum number of
|
||||
jobs displayed in a port monitor for Samba printer queue at any given
|
||||
moment. If this number is exceeded, the excess jobs will not be shown.
|
||||
A value of zero means there is no limit on the number of print
|
||||
jobs reported.</para>
|
||||
<para>
|
||||
This parameter limits the maximum number of jobs displayed in a port monitor for
|
||||
Samba printer queue at any given moment. If this number is exceeded, the excess
|
||||
jobs will not be shown. A value of zero means there is no limit on the number of
|
||||
print jobs reported.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>max print jobs</related>
|
||||
|
@ -15,10 +15,10 @@
|
||||
LaserJet 5L</command>.</para>
|
||||
|
||||
<para>
|
||||
The need for the file is due to the printer driver namespace problem described in <link
|
||||
linkend="classicalprinting">the chapter on Classical Printing in the book Samba3-HOWTO</link>. For more
|
||||
details on OS/2 clients, please refer to <link linkend="Other-Clients"/>.
|
||||
</para>
|
||||
The need for the file is due to the printer driver namespace problem described in <link
|
||||
linkend="classicalprinting">the chapter on Classical Printing in the book Samba3-HOWTO</link>. For more
|
||||
details on OS/2 clients, please refer to <link linkend="Other-Clients"/>.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default"/>
|
||||
</samba:parameter>
|
||||
|
@ -11,9 +11,10 @@
|
||||
packs do security ACL checking on the owner and ability to write of the
|
||||
profile directory stored on a local workstation when copied from a Samba
|
||||
share.
|
||||
</para>
|
||||
</para>
|
||||
|
||||
<para>When not in domain mode with winbindd then the security info copied
|
||||
<para>
|
||||
When not in domain mode with winbindd then the security info copied
|
||||
onto the local workstation has no meaning to the logged in user (SID) on
|
||||
that workstation so the profile storing fails. Adding this parameter
|
||||
onto a share used for profile storage changes two things about the
|
||||
@ -22,16 +23,18 @@
|
||||
BUILTIN\\Users respectively (SIDs S-1-5-32-544, S-1-5-32-545). Secondly
|
||||
it adds an ACE entry of "Full Control" to the SID BUILTIN\\Users to
|
||||
every returned ACL. This will allow any Windows 2000 or XP workstation
|
||||
user to access the profile.</para>
|
||||
user to access the profile.
|
||||
</para>
|
||||
|
||||
<para>Note that if you have multiple users logging
|
||||
<para>
|
||||
Note that if you have multiple users logging
|
||||
on to a workstation then in order to prevent them from being able to access
|
||||
each others profiles you must remove the "Bypass traverse checking" advanced
|
||||
user right. This will prevent access to other users profile directories as
|
||||
the top level profile directory (named after the user) is created by the
|
||||
workstation profile code and has an ACL restricting entry to the directory
|
||||
tree to the owning user.
|
||||
</para>
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">no</value>
|
||||
|
@ -5,7 +5,7 @@
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>
|
||||
This option only takes effect when the <smbconfoption name="security"/> option is set to
|
||||
This option only takes effect when the <smbconfoption name="security"/> option is set to
|
||||
<constant>server</constant>,<constant>domain</constant> or <constant>ads</constant>.
|
||||
If it is set to no, then attempts to connect to a resource from
|
||||
a domain or workgroup other than the one which smbd is running
|
||||
|
@ -4,25 +4,30 @@
|
||||
basic="1" advanced="1" wizard="1" developer="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>
|
||||
This option allows the administrator to chose what authentication methods <command
|
||||
moreinfo="none">smbd</command> will use when authenticating a user. This option defaults to sensible values
|
||||
based on <smbconfoption name="security"/>. This should be considered a developer option and used only in rare
|
||||
circumstances. In the majority (if not all) of production servers, the default setting should be adequate.
|
||||
</para>
|
||||
|
||||
<para>Each entry in the list attempts to authenticate the user in turn, until
|
||||
<para>
|
||||
This option allows the administrator to chose what authentication methods <command moreinfo="none">smbd</command>
|
||||
will use when authenticating a user. This option defaults to sensible values based on <smbconfoption name="security"/>.
|
||||
This should be considered a developer option and used only in rare circumstances. In the majority (if not all)
|
||||
of production servers, the default setting should be adequate.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Each entry in the list attempts to authenticate the user in turn, until
|
||||
the user authenticates. In practice only one method will ever actually
|
||||
be able to complete the authentication.
|
||||
</para>
|
||||
|
||||
<para>Possible options include <constant>guest</constant> (anonymous access),
|
||||
<para>
|
||||
Possible options include <constant>guest</constant> (anonymous access),
|
||||
<constant>sam</constant> (lookups in local list of accounts based on netbios
|
||||
name or domain name), <constant>winbind</constant> (relay authentication requests
|
||||
for remote users through winbindd), <constant>ntdomain</constant> (pre-winbindd
|
||||
method of authentication for remote domain users; deprecated in favour of winbind method),
|
||||
<constant>trustdomain</constant> (authenticate trusted users by contacting the
|
||||
remote DC directly from smbd; deprecated in favour of winbind method).</para>
|
||||
remote DC directly from smbd; deprecated in favour of winbind method).
|
||||
</para>
|
||||
|
||||
</description>
|
||||
<value type="default"/>
|
||||
<value type="example">guest sam winbind</value>
|
||||
|
@ -5,14 +5,13 @@
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
|
||||
<para>This controls whether the client offers or even
|
||||
demands the use of the netlogon schannel.
|
||||
<parameter>client schannel = no</parameter> does not
|
||||
offer the schannel, <parameter>client schannel =
|
||||
auto</parameter> offers the schannel but does not
|
||||
enforce it, and <parameter>client schannel =
|
||||
yes</parameter> denies access if the server is not
|
||||
able to speak netlogon schannel. </para>
|
||||
<para>
|
||||
This controls whether the client offers or even demands the use of the netlogon schannel.
|
||||
<smbconfoption name="client schannel">no</smbconfoption> does not offer the schannel,
|
||||
<smbconfoption name="client schannel">auto</smbconfoption> offers the schannel but does not
|
||||
enforce it, and <smbconfoption name="client schannel">yes</smbconfoption> denies access
|
||||
if the server is not able to speak netlogon schannel.
|
||||
</para>
|
||||
</description>
|
||||
<value type="default">auto</value>
|
||||
<value type="example">yes</value>
|
||||
|
@ -4,23 +4,23 @@
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
|
||||
<description>
|
||||
<para>If this parameter is set, a Windows NT ACL that contains an unknown
|
||||
SID (security descriptor, or representation of a user or group
|
||||
id) as the owner or group owner of the file will be silently
|
||||
mapped into the current UNIX uid or gid of the currently
|
||||
connected user.</para>
|
||||
<para>
|
||||
If this parameter is set, a Windows NT ACL that contains an unknown SID (security descriptor, or
|
||||
representation of a user or group id) as the owner or group owner of the file will be silently
|
||||
mapped into the current UNIX uid or gid of the currently connected user.
|
||||
</para>
|
||||
|
||||
<para>This is designed to allow Windows NT clients to copy files and
|
||||
folders containing ACLs that were created locally on the client
|
||||
machine and contain users local to that machine only (no domain
|
||||
users) to be copied to a Samba server (usually with XCOPY /O)
|
||||
and have the unknown userid and groupid of the file owner map to
|
||||
the current connected user. This can only be fixed correctly
|
||||
when winbindd allows arbitrary mapping from any Windows NT SID
|
||||
to a UNIX uid or gid.</para>
|
||||
<para>
|
||||
This is designed to allow Windows NT clients to copy files and folders containing ACLs that were
|
||||
created locally on the client machine and contain users local to that machine only (no domain
|
||||
users) to be copied to a Samba server (usually with XCOPY /O) and have the unknown userid and
|
||||
groupid of the file owner map to the current connected user. This can only be fixed correctly
|
||||
when winbindd allows arbitrary mapping from any Windows NT SID to a UNIX uid or gid.
|
||||
</para>
|
||||
|
||||
<para>Try using this parameter when XCOPY /O gives an ACCESS_DENIED
|
||||
error.</para>
|
||||
<para>
|
||||
Try using this parameter when XCOPY /O gives an ACCESS_DENIED error.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">no</value>
|
||||
|
@ -65,7 +65,7 @@
|
||||
|
||||
</para>
|
||||
Examples of use are:
|
||||
<screen>
|
||||
<programlisting>
|
||||
passdb backend = tdbsam:/etc/samba/private/passdb.tdb \
|
||||
smbpasswd:/etc/samba/smbpasswd
|
||||
|
||||
@ -81,7 +81,7 @@ passdb backend = ldapsam:"ldap://ldap-1.example.com \
|
||||
or
|
||||
|
||||
passdb backend = mysql:my_plugin_args tdbsam
|
||||
</screen>
|
||||
</programlisting>
|
||||
</description>
|
||||
|
||||
<value type="default">smbpasswd</value>
|
||||
|
@ -7,10 +7,10 @@
|
||||
<para>The setting of this parameter determines whether user and
|
||||
group list information is returned for an anonymous connection.
|
||||
and mirrors the effects of the
|
||||
<screen>
|
||||
<programlisting>
|
||||
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
|
||||
Control\LSA\RestrictAnonymous
|
||||
</screen>
|
||||
</programlisting>
|
||||
registry key in Windows 2000 and Windows NT. When set to 0, user
|
||||
and group list information is returned to anyone who asks. When set
|
||||
to 1, only an authenticated user can retrive user and
|
||||
|
@ -7,12 +7,12 @@
|
||||
<para>This option sets the path to the encrypted smbpasswd file. By
|
||||
default the path to the smbpasswd file is compiled into Samba.</para>
|
||||
|
||||
<para>
|
||||
An example of use is:
|
||||
<screen>
|
||||
<para>
|
||||
An example of use is:
|
||||
<programlisting>
|
||||
smb passwd file = /etc/samba/smbpasswd
|
||||
</screen>
|
||||
</para>
|
||||
</programlisting>
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default">${prefix}/private/smbpasswd</value>
|
||||
|
@ -76,15 +76,17 @@
|
||||
guest = *
|
||||
</programlisting></para>
|
||||
|
||||
<para>Note that the remapping is applied to all occurrences
|
||||
<para>
|
||||
Note that the remapping is applied to all occurrences
|
||||
of usernames. Thus if you connect to \\server\fred and <constant>
|
||||
fred</constant> is remapped to <constant>mary</constant> then you
|
||||
will actually be connecting to \\server\mary and will need to
|
||||
supply a password suitable for <constant>mary</constant> not
|
||||
<constant>fred</constant>. The only exception to this is the
|
||||
username passed to the <smbconfoption name="password server"/> (if you have one). The password
|
||||
server will receive whatever username the client supplies without
|
||||
modification.</para>
|
||||
username passed to the <smbconfoption name="password server"/>
|
||||
(if you have one). The password server will receive whatever
|
||||
username the client supplies without modification.
|
||||
</para>
|
||||
|
||||
<para>Also note that no reverse mapping is done. The main effect
|
||||
this has is with printing. Users who have been mapped may have
|
||||
@ -117,12 +119,12 @@ guest = *
|
||||
after the user has been successfully authenticated.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
An example of use is:
|
||||
<screen>
|
||||
<para>
|
||||
An example of use is:
|
||||
<programlisting>
|
||||
username map = /usr/local/samba/lib/users.map
|
||||
</screen>
|
||||
</para>
|
||||
</programlisting>
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<value type="default"><comment>no username map</comment></value>
|
||||
|
@ -3,17 +3,22 @@
|
||||
type="list"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is a list of users that should be allowed
|
||||
to login to this service. Names starting with '@', '+' and '&'
|
||||
are interpreted using the same rules as described in the
|
||||
<parameter moreinfo="none">invalid users</parameter> parameter.</para>
|
||||
<para>
|
||||
This is a list of users that should be allowed to login to this service. Names starting with
|
||||
'@', '+' and '&' are interpreted using the same rules as described in the
|
||||
<parameter moreinfo="none">invalid users</parameter> parameter.
|
||||
</para>
|
||||
|
||||
<para>If this is empty (the default) then any user can login.
|
||||
If a username is in both this list and the <parameter moreinfo="none">invalid
|
||||
users</parameter> list then access is denied for that user.</para>
|
||||
<para>
|
||||
If this is empty (the default) then any user can login. If a username is in both this list
|
||||
and the <parameter moreinfo="none">invalid users</parameter> list then access is denied
|
||||
for that user.
|
||||
</para>
|
||||
|
||||
<para>The current servicename is substituted for <parameter moreinfo="none">%S
|
||||
</parameter>. This is useful in the [homes] section.</para>
|
||||
<para>
|
||||
The current servicename is substituted for <parameter moreinfo="none">%S</parameter>.
|
||||
This is useful in the [homes] section.
|
||||
</para>
|
||||
</description>
|
||||
|
||||
<related>invalid users</related>
|
||||
|
@ -3,17 +3,22 @@
|
||||
type="list"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>This is a list of users that are given read-write
|
||||
access to a service. If the connecting user is in this list then
|
||||
they will be given write access, no matter what the <smbconfoption name="read only"/>
|
||||
option is set to. The list can include group names using the
|
||||
@group syntax.</para>
|
||||
<para>
|
||||
This is a list of users that are given read-write access to a service. If the
|
||||
connecting user is in this list then they will be given write access, no matter
|
||||
what the <smbconfoption name="read only"/> option is set to. The list can
|
||||
include group names using the @group syntax.
|
||||
</para>
|
||||
|
||||
<para>Note that if a user is in both the read list and the
|
||||
write list then they will be given write access.</para>
|
||||
<para>
|
||||
Note that if a user is in both the read list and the write list then they will be
|
||||
given write access.
|
||||
</para>
|
||||
|
||||
<para>This parameter will not work with the <smbconfoption name="security">share</smbconfoption> in
|
||||
Samba 3.0. This is by design.</para>
|
||||
<para>
|
||||
By design, this parameter will not work with the
|
||||
<smbconfoption name="security">share</smbconfoption> in Samba 3.0.
|
||||
</para>
|
||||
|
||||
</description>
|
||||
|
||||
|
@ -3,8 +3,9 @@
|
||||
type="boolean"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>If this parameter is <constant>yes</constant>, and the <constant>sendfile()</constant> system call is supported by the underlying operating system, then some SMB read calls (mainly ReadAndX
|
||||
and ReadRaw) will use the more efficient sendfile system call for files that
|
||||
<para>If this parameter is <constant>yes</constant>, and the <constant>sendfile()</constant>
|
||||
system call is supported by the underlying operating system, then some SMB read calls
|
||||
(mainly ReadAndX and ReadRaw) will use the more efficient sendfile system call for files that
|
||||
are exclusively oplocked. This may make more efficient use of the system CPU's
|
||||
and cause Samba to be faster. Samba automatically turns this off for clients
|
||||
that use protocol levels lower than NT LM 0.12 and when it detects a client is
|
||||
|
Loading…
Reference in New Issue
Block a user