consulting firm located in Waterloo, Ontario, Canada. We work
with a variety of environments (such as Windows, Windows NT and
Unix), tools and application areas, and can provide assistance for
- development work ranging from a few days to to multiple man-year
+ development work ranging from a few days to multiple man-year
projects. You can find more information at http://www.metrics.com/.
<para>You may wish to disable this option if you have a problem with empty
workgroups not disappearing from browse lists. Due to the restrictions
- of the browse protocols these enhancements can cause a empty workgroup
+ of the browse protocols, these enhancements can cause a empty workgroup
to stay around forever which can be annoying.</para>
<para>In general you should leave this option enabled as it makes
<para>
When strict locking is set to Auto (the default), the server performs file lock checks only on non-oplocked files.
As most Windows redirectors perform file locking checks locally on oplocked files this is a good trade off for
- inproved performance.
+ improved performance.
</para>
<para>
<description>
<para>
This option allows you to setup <citerefentry><refentrytitle>nmbd</refentrytitle>
- <manvolnum>8</manvolnum></citerefentry>to periodically announce itself
+ <manvolnum>8</manvolnum></citerefentry> to periodically announce itself
to arbitrary IP addresses with an arbitrary workgroup name.
</para>
</programlisting>
the above line would cause <command moreinfo="none">nmbd</command> to announce itself
to the two given IP addresses using the given workgroup names. If you leave out the
- workgroup name then the one given in the <smbconfoption name="workgroup"/> parameter
+ workgroup name, then the one given in the <smbconfoption name="workgroup"/> parameter
is used instead.
</para>
to be accessed by non-authenticated users or not. It is the equivalent
of allowing people who can create a share the option of setting
<parameter moreinfo="none">guest ok = yes</parameter> in a share
- definition. Due to the security sensitive nature of this the default
+ definition. Due to its security sensitive nature, the default
is set to off.</para>
</description>
<description>
<para>This parameter specifies a list of absolute pathnames
the root of which are allowed to be exported by user defined share definitions.
- If the pathname exported doesn't start with one of the strings in this
- list the user defined share will not be allowed. This allows the Samba
+ If the pathname to be exported doesn't start with one of the strings in this
+ list, the user defined share will not be allowed. This allows the Samba
administrator to restrict the directories on the system that can be
exported by user defined shares.
</para>
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>User defined shares only have limited possible parameters
- such as path, guest ok etc. This parameter allows usershares to
+ such as path, guest ok, etc. This parameter allows usershares to
"cloned" from an existing share. If "usershare template share"
is set to the name of an existing share, then all usershares
created have their defaults set from the parameters set on this
<para>If this parameter is enabled for a printer, then any attempt
to open the printer with the PRINTER_ACCESS_ADMINISTER right is mapped
to PRINTER_ACCESS_USE instead. Thus allowing the OpenPrinterEx()
- call to succeed. <emphasis>This parameter MUST not be able enabled
+ call to succeed. <emphasis>This parameter MUST not be enabled
on a print share which has valid print driver installed on the Samba
server.</emphasis></para>
</description>
and allows the open. If the user doesn't have permission to delete the file this will only be
discovered at close time, which is too late for the Windows user tools to display an error message
to the user. The symptom of this is files that appear to have been deleted "magically" re-appearing
- on a Windows explorer refersh. This is an extremely advanced protocol option which should not
+ on a Windows explorer refresh. This is an extremely advanced protocol option which should not
need to be changed. This parameter was introduced in its final form in 3.0.21, an earlier version
with slightly different semantics was introduced in 3.0.20. That older version is not documented here.
</para>
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>Hosts running the "Advanced Server for Unix (ASU)" product
- require some special accomodations such as creating a builting [ADMIN$]
+ require some special accomodations such as creating a builtin [ADMIN$]
share that only supports IPC connections. The has been the default
behavior in smbd for many years. However, certain Microsoft applications
such as the Print Migrator tool require that the remote server support
password hashes (e.g. Windows NT/2000, Samba, etc... but not
Windows 95/98) will be able to be connected from the Samba client.</para>
- <para>The LANMAN encrypted response is easily broken, due to it's
+ <para>The LANMAN encrypted response is easily broken, due to its
case-insensitive nature, and the choice of algorithm. Clients
without Windows 95/98 servers are advised to disable
this option. </para>
basic="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
- <para>This controls whether the client offers or requires
- the server it talks to to use SMB signing. Possible values
+ <para>This controls whether the client is allowed or required to use SMB signing. Possible values
are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
and <emphasis>disabled</emphasis>.
</para>
Windows 95/98 or the MS DOS network client) will be able to
connect to the Samba host.</para>
- <para>The LANMAN encrypted response is easily broken, due to it's
+ <para>The LANMAN encrypted response is easily broken, due to its
case-insensitive nature, and the choice of algorithm. Servers
without Windows 95/98/ME or MS DOS clients are advised to disable
this option. </para>
<para>By specifying the name of another SMB server
or Active Directory domain controller with this option,
and using <command moreinfo="none">security = [ads|domain|server]</command>
- it is possible to get Samba to
+ it is possible to get Samba
to do all its username/password validation using a specific remote server.</para>
<para>This option sets the name or IP address of the password server to use.
want to mainly setup shares without a password (guest shares). This
is commonly used for a shared printer server. It is more difficult
to setup guest shares with <command moreinfo="none">security = user</command>, see
- the <smbconfoption name="map to guest"/>parameter for details.</para>
+ the <smbconfoption name="map to guest"/> parameter for details.</para>
<para>It is possible to use <command moreinfo="none">smbd</command> in a <emphasis>
hybrid mode</emphasis> where it is offers both user and share
<para><anchor id="SECURITYEQUALSSHARE"/><emphasis>SECURITY = SHARE</emphasis></para>
- <para>When clients connect to a share level security server they
+ <para>When clients connect to a share level security server, they
need not log onto the server with a valid username and password before
attempting to connect to a shared resource (although modern clients
such as Windows 95/98 and Windows NT will send a logon request with
</para></note>
<note><para>From the client's point of
- view <command moreinfo="none">security = server</command> is the
+ view, <command moreinfo="none">security = server</command> is the
same as <command moreinfo="none">security = user</command>. It
only affects how the server deals with the authentication, it does
not in any way affect what the client sees.</para></note>
</para>
<para>
- Please note that with this set to <literal>no</literal> you will have to apply the WindowsXP
+ Please note that with this set to <literal>no</literal>, you will have to apply the WindowsXP
<filename>WinXP_SignOrSeal.reg</filename> registry patch found in the docs/registry subdirectory of the Samba distribution tarball.
</para>
</description>
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
- <para>This controls whether the server offers or requires
- the client it talks to to use SMB signing. Possible values
+ <para>This controls whether the client is allowed or required to use SMB signing. Possible values
are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
and <emphasis>disabled</emphasis>.
</para>
and MacOS/X clients. Windows clients do not support this feature.
</para>
- <para>This controls whether the server offers or requires
- the client it talks to to use SMB encryption. Possible values
+ <para>This controls whether the remote client is allowed or required to use SMB encryption. Possible values
are <emphasis>auto</emphasis>, <emphasis>mandatory</emphasis>
and <emphasis>disabled</emphasis>. This may be set on a per-share
basis, but clients may chose to encrypt the entire session, not
This boolean parameter allows a user logging on with a plaintext password to have their encrypted (hashed)
password in the smbpasswd file to be updated automatically as they log on. This option allows a site to
migrate from plaintext password authentication (users authenticate with plaintext password over the
- wire, and are checked against a UNIX account atabase) to encrypted password authentication (the SMB
+ wire, and are checked against a UNIX account database) to encrypted password authentication (the SMB
challenge/response authentication mechanism) without forcing all users to re-enter their passwords via
smbpasswd at the time the change is made. This is a convenience option to allow the change over to encrypted
passwords to be made over a longer period. Once all users have encrypted representations of their passwords
</para>
<para>
- Note that even when this parameter is set a user authenticating to <command moreinfo="none">smbd</command>
+ Note that even when this parameter is set, a user authenticating to <command moreinfo="none">smbd</command>
must still enter a valid password in order to connect correctly, and to update their hashed (smbpasswd)
passwords.
</para>
git.samba.org / samba.git / commitdiff