samba-mirror/allowtrusteddomains.xml at 3f14155a9f409103fcfeea0df633e2700dd316f2

mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00

Gerald W. Carter 8f8a9f0190 Moving docs tree to docs-xml to make room for generated docs in the release tarball.

(This used to be commit 9f672c26d6)

2008-04-23 08:47:48 -05:00

 <samba:parameter name="allow trusted domains"
                  context="G"
 				 type="boolean"
                  advanced="1" developer="1"
 		 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
     <para>
     This option only takes effect when the <smbconfoption name="security"/> option is set to
     <constant>server</constant>, <constant>domain</constant> or <constant>ads</constant>.
     If it is set to no, then attempts to connect to a resource from
     a domain or workgroup other than the one which smbd is running
     in will fail, even if that domain is trusted by the remote server
     doing the authentication.</para>
     <para>This is useful if you only want your Samba server to
     serve resources to users in the domain it is a member of. As
     an example, suppose that there are two domains DOMA and DOMB.  DOMB
     is trusted by DOMA, which contains the Samba server.  Under normal
     circumstances, a user with an account in DOMB can then access the
     resources of a UNIX account with the same account name on the
     Samba server even if they do not have an account in DOMA.  This
     can make implementing a security boundary difficult.</para>
 </description>
 <value type="default">yes</value>
 </samba:parameter>