Ignore:
Timestamp:
May 26, 2007, 10:26:26 PM (14 years ago)
Author:
Paul Smedley
Message:

Upgrade source to 3.0.25a

Location:
trunk/samba/docs/htmldocs/manpages
Files:
57 edited

Legend:

Unmodified
Added
Removed
  • trunk/samba/docs/htmldocs/manpages/eventlogadm.8.html

    r22 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>eventlogadm</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="eventlogadm.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eventlogadm &#8212; push records into the Samba event log store</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">eventlogadm</code>  [<code class="option">-d</code>] [<code class="option">-h</code>]  <code class="option">-o</code>
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>eventlogadm</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="eventlogadm.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eventlogadm &#8212; push records into the Samba event log store</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">eventlogadm</code>  [<code class="option">-d</code>] [<code class="option">-h</code>]  <code class="option">-o</code>
    22                <code class="literal">addsource</code>
    33                <em class="replaceable"><code>EVENTLOG</code></em>
     
    77                <code class="literal">write</code>
    88                <em class="replaceable"><code>EVENTLOG</code></em>
    9                  </p></div></div><div class="refsect1" lang="en"><a name="id231177"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.1.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(1)</span></a> suite.</p><p><span><strong class="command">eventlogadm</strong></span> is a filter that accepts
     9                 </p></div></div><div class="refsect1" lang="en"><a name="id259595"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.1.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(1)</span></a> suite.</p><p><span><strong class="command">eventlogadm</strong></span> is a filter that accepts
    1010        formatted event log records on standard input and writes them
    1111        to the Samba event log store. Windows client can then manipulate
    12         these record using the usual administration tools.</p></div><div class="refsect1" lang="en"><a name="id231404"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term"><code class="option">-d</code></span></dt><dd><p>
     12        these record using the usual administration tools.</p></div><div class="refsect1" lang="en"><a name="id259373"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term"><code class="option">-d</code></span></dt><dd><p>
    1313                The <span><strong class="command">-d</strong></span> option causes <span><strong class="command">eventlogadm</strong></span> to emit debugging
    1414                information.
     
    3232                </p></dd><dt><span class="term"><code class="option">-h</code></span></dt><dd><p>
    3333                Print usage information.
    34                 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id231519"></a><h2>EVENTLOG RECORD FORMAT</h2><p>For the write operation, <span><strong class="command">eventlogadm</strong></span>
     34                </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id260402"></a><h2>EVENTLOG RECORD FORMAT</h2><p>For the write operation, <span><strong class="command">eventlogadm</strong></span>
    3535        expects to be able to read structured records from standard
    3636        input. These records are a sequence of lines, with the record key
     
    8181                </p></li><li><p>
    8282                <span><strong class="command">DAT</strong></span> - This field should be left unset.
    83                 </p></li></ul></div></div><div class="refsect1" lang="en"><a name="id271754"></a><h2>EXAMPLES</h2><p>An example of the record format accepted by <span><strong class="command">eventlogadm</strong></span>:</p><pre class="programlisting">
     83                </p></li></ul></div></div><div class="refsect1" lang="en"><a name="id300454"></a><h2>EXAMPLES</h2><p>An example of the record format accepted by <span><strong class="command">eventlogadm</strong></span>:</p><pre class="programlisting">
    8484        LEN: 0
    8585        RS1: 1699505740
     
    104104                my_program_to_parse_into_eventlog_records | \\
    105105                eventlogadm SystemLogEvents
    106         </pre></div><div class="refsect1" lang="en"><a name="id271795"></a><h2>VERSION</h2><p>This man page is correct for version 3.0.25 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id271805"></a><h2>AUTHOR</h2><p> The original Samba software and related utilities were
     106        </pre></div><div class="refsect1" lang="en"><a name="id300495"></a><h2>VERSION</h2><p>This man page is correct for version 3.0.25 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id300505"></a><h2>AUTHOR</h2><p> The original Samba software and related utilities were
    107107        created by Andrew Tridgell.  Samba is now developed by the
    108108        Samba Team as an Open Source project similar to the way the
  • trunk/samba/docs/htmldocs/manpages/findsmb.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>findsmb</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="findsmb.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>findsmb &#8212; list info about machines that respond to SMB
    2         name queries on a subnet</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">findsmb</code>  [subnet broadcast address]</p></div></div><div class="refsect1" lang="en"><a name="id230769"></a><h2>DESCRIPTION</h2><p>This perl script is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>findsmb</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="findsmb.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>findsmb &#8212; list info about machines that respond to SMB
     2        name queries on a subnet</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">findsmb</code>  [subnet broadcast address]</p></div></div><div class="refsect1" lang="en"><a name="id259298"></a><h2>DESCRIPTION</h2><p>This perl script is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>
    33        suite.</p><p><span><strong class="command">findsmb</strong></span> is a perl script that
    44        prints out several pieces of information about machines
     
    77        and <a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>
    88        to obtain this information.
    9         </p></div><div class="refsect1" lang="en"><a name="id231137"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-r</span></dt><dd><p>Controls whether <span><strong class="command">findsmb</strong></span> takes
     9        </p></div><div class="refsect1" lang="en"><a name="id259553"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-r</span></dt><dd><p>Controls whether <span><strong class="command">findsmb</strong></span> takes
    1010                bugs in Windows95 into account when trying to find a Netbios name
    1111                registered of the remote machine. This option is disabled by default
     
    1717                is run. This value is passed to
    1818                <a href="nmblookup.1.html"><span class="citerefentry"><span class="refentrytitle">nmblookup</span>(1)</span></a>
    19                 as part of the <code class="constant">-B</code> option.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id231410"></a><h2>EXAMPLES</h2><p>The output of <span><strong class="command">findsmb</strong></span> lists the following
     19                as part of the <code class="constant">-B</code> option.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id259376"></a><h2>EXAMPLES</h2><p>The output of <span><strong class="command">findsmb</strong></span> lists the following
    2020        information for all machines that respond to the initial
    2121        <span><strong class="command">nmblookup</strong></span> for any name: IP address, NetBIOS name,
     
    4949192.168.35.93   FROGSTAR-PC    [MVENGR] [Windows 5.0] [Windows 2000 LAN Manager]
    5050192.168.35.97   HERBNT1       *[HERB-NT] [Windows NT 4.0] [NT LAN Manager 4.0]
    51 </pre></div><div class="refsect1" lang="en"><a name="id231496"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
    52         the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id231506"></a><h2>SEE ALSO</h2><p><a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>,
     51</pre></div><div class="refsect1" lang="en"><a name="id260379"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
     52        the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id260389"></a><h2>SEE ALSO</h2><p><a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>,
    5353        <a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, and <a href="nmblookup.1.html"><span class="citerefentry"><span class="refentrytitle">nmblookup</span>(1)</span></a>
    54         </p></div><div class="refsect1" lang="en"><a name="id231540"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     54        </p></div><div class="refsect1" lang="en"><a name="id260422"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    5555        were created by Andrew Tridgell. Samba is now developed
    5656        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/index.html

    r30 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title></title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article" lang="en"><div class="titlepage"><hr></div><div class="variablelist"><dl><dt><span class="term"><a href="eventlogadm.8.html" target="_top">eventlogadm(8)</a></span></dt><dd><p>push records into the Samba event log store
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title></title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="article" lang="en"><div class="titlepage"><hr></div><div class="variablelist"><dl><dt><span class="term"><a href="eventlogadm.8.html" target="_top">eventlogadm(8)</a></span></dt><dd><p>push records into the Samba event log store
    22</p></dd><dt><span class="term"><a href="findsmb.1.html" target="_top">findsmb(1)</a></span></dt><dd><p>list info about machines that respond to SMB
    33        name queries on a subnet
     
    2626        MS-RPC functions
    2727</p></dd><dt><span class="term"><a href="samba.7.html" target="_top">samba(7)</a></span></dt><dd><p>A Windows SMB/CIFS fileserver for UNIX
    28 </p></dd><dt><span class="term"><a href="smb.conf.5.html" target="_top">smb.conf(5)</a></span></dt><dd><p>The configuration file for the Samba suite
    2928</p></dd><dt><span class="term"><a href="smbcacls.1.html" target="_top">smbcacls(1)</a></span></dt><dd><p>Set or get ACLs on an NT file or directory names
    3029</p></dd><dt><span class="term"><a href="smbclient.1.html" target="_top">smbclient(1)</a></span></dt><dd><p>ftp-like client to access SMB/CIFS resources
    3130        on servers
     31</p></dd><dt><span class="term"><a href="smb.conf.5.html" target="_top">smb.conf(5)</a></span></dt><dd><p>The configuration file for the Samba suite
    3232</p></dd><dt><span class="term"><a href="smbcontrol.1.html" target="_top">smbcontrol(1)</a></span></dt><dd><p>send messages to smbd, nmbd or winbindd processes
    3333</p></dd><dt><span class="term"><a href="smbcquotas.1.html" target="_top">smbcquotas(1)</a></span></dt><dd><p>Set or get QUOTAs of NTFS 5 shares
     
    6363</p></dd><dt><span class="term"><a href="vfs_extd_audit.8.html" target="_top">vfs_extd_audit(8)</a></span></dt><dd><p>record selected Samba VFS operations
    6464</p></dd><dt><span class="term"><a href="vfs_fake_perms.8.html" target="_top">vfs_fake_perms(8)</a></span></dt><dd><p>enable read only Roaming Profiles
    65 </p></dd><dt><span class="term"><a href="vfs_fam_notify.8.html" target="_top">vfs_fam_notify(8)</a></span></dt><dd><p>FAM support for file change notifications
    6665</p></dd><dt><span class="term"><a href="vfs_full_audit.8.html" target="_top">vfs_full_audit(8)</a></span></dt><dd><p>record Samba VFS operations in the system log
    6766</p></dd><dt><span class="term"><a href="vfs_gpfs.8.html" target="_top">vfs_gpfs(8)</a></span></dt><dd><p>gpfs specific samba extensions like acls and prealloc
    6867</p></dd><dt><span class="term"><a href="vfs_netatalk.8.html" target="_top">vfs_netatalk(8)</a></span></dt><dd><p>hide .AppleDouble files from CIFS clients
     68</p></dd><dt><span class="term"><a href="vfs_notify_fam.8.html" target="_top">vfs_notify_fam(8)</a></span></dt><dd><p>FAM support for file change notifications
    6969</p></dd><dt><span class="term"><a href="vfs_prealloc.8.html" target="_top">vfs_prealloc(8)</a></span></dt><dd><p>preallocate matching files to a predetermined size
    7070</p></dd><dt><span class="term"><a href="vfs_readahead.8.html" target="_top">vfs_readahead(8)</a></span></dt><dd><p>pre-load the kernel buffer cache
  • trunk/samba/docs/htmldocs/manpages/libsmbclient.7.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>libsmbclient</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="libsmbclient.7"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>libsmbclient &#8212; An extension library for browsers and that can be used as a generic browsing API.</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">Browser URL:</code> <p>
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>libsmbclient</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="libsmbclient.7"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>libsmbclient &#8212; An extension library for browsers and that can be used as a generic browsing API.</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">Browser URL:</code> <p>
    22        smb://[[[domain:]user[:password@]]server[/share[/path[/file]]]] [?options]
    3     </p></p></div></div><div class="refsect1" lang="en"><a name="id230766"></a><h2>DESCRIPTION</h2><p>
     3    </p></p></div></div><div class="refsect1" lang="en"><a name="id259294"></a><h2>DESCRIPTION</h2><p>
    44        This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.
    55        </p><p>
     
    1313        extension of the capabilities of tools such as file managers and browsers.  This man page describes the
    1414        configuration options for this tool so that the user may obtain greatest utility of use.
    15         </p></div><div class="refsect1" lang="en"><a name="id231134"></a><h2>OPTIONS</h2><p>
     15        </p></div><div class="refsect1" lang="en"><a name="id259550"></a><h2>OPTIONS</h2><p>
    1616        What the URLs mean:
    1717        </p><div class="variablelist"><dl><dt><span class="term">smb://</span></dt><dd><p>
     
    4545        parameter and will use its value when if the <code class="literal">user</code> parameter was not included
    4646        in the URL.
    47         </p></div><div class="refsect1" lang="en"><a name="id231454"></a><h2>PROGRAMMERS GUIDE</h2><p>
     47        </p></div><div class="refsect1" lang="en"><a name="id259420"></a><h2>PROGRAMMERS GUIDE</h2><p>
    4848        Watch this space for future updates.
    49         </p></div><div class="refsect1" lang="en"><a name="id231464"></a><h2>VERSION</h2><p>
     49        </p></div><div class="refsect1" lang="en"><a name="id259429"></a><h2>VERSION</h2><p>
    5050        This man page is correct for version 3.0 of the Samba suite.
    51         </p></div><div class="refsect1" lang="en"><a name="id231474"></a><h2>AUTHOR</h2><p>
     51        </p></div><div class="refsect1" lang="en"><a name="id260355"></a><h2>AUTHOR</h2><p>
    5252        The original Samba software and related utilities were created by Andrew Tridgell.
    5353        Samba is now developed by the Samba Team as an Open Source project similar to the way
  • trunk/samba/docs/htmldocs/manpages/lmhosts.5.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>lmhosts</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="lmhosts.5"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>lmhosts &#8212; The Samba NetBIOS hosts file</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p><code class="filename">lmhosts</code> is the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> NetBIOS name to IP address mapping file.</p></div><div class="refsect1" lang="en"><a name="id230767"></a><h2>DESCRIPTION</h2><p>This file is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><code class="filename">lmhosts</code> is the <span class="emphasis"><em>Samba
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>lmhosts</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="lmhosts.5"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>lmhosts &#8212; The Samba NetBIOS hosts file</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p><code class="filename">lmhosts</code> is the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> NetBIOS name to IP address mapping file.</p></div><div class="refsect1" lang="en"><a name="id259295"></a><h2>DESCRIPTION</h2><p>This file is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><code class="filename">lmhosts</code> is the <span class="emphasis"><em>Samba
    22        </em></span> NetBIOS name to IP address mapping file.  It
    33        is very similar to the <code class="filename">/etc/hosts</code> file
    44        format, except that the hostname component must correspond
    5         to the NetBIOS naming format.</p></div><div class="refsect1" lang="en"><a name="id231129"></a><h2>FILE FORMAT</h2><p>It is an ASCII file containing one line for NetBIOS name.
     5        to the NetBIOS naming format.</p></div><div class="refsect1" lang="en"><a name="id259546"></a><h2>FILE FORMAT</h2><p>It is an ASCII file containing one line for NetBIOS name.
    66        The two fields on each line are separated from each other by
    77        white space. Any entry beginning with '#' is ignored. Each line
     
    2626        type for a name "NTSERVER" is queried. Any other name type will not
    2727        be resolved.</p><p>The default location of the <code class="filename">lmhosts</code> file
    28         is in the same directory as the <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> file.</p></div><div class="refsect1" lang="en"><a name="id231199"></a><h2>FILES</h2><p>lmhosts is loaded from the configuration directory. This is
     28        is in the same directory as the <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> file.</p></div><div class="refsect1" lang="en"><a name="id259366"></a><h2>FILES</h2><p>lmhosts is loaded from the configuration directory. This is
    2929                usually <code class="filename">/etc/samba</code> or <code class="filename">/usr/local/samba/lib</code>.
    30         </p></div><div class="refsect1" lang="en"><a name="id231420"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id231430"></a><h2>SEE ALSO</h2><p><a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>, and <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>
    31         </p></div><div class="refsect1" lang="en"><a name="id231464"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     30        </p></div><div class="refsect1" lang="en"><a name="id259388"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id259398"></a><h2>SEE ALSO</h2><p><a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>, and <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>
     31        </p></div><div class="refsect1" lang="en"><a name="id259432"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    3232        were created by Andrew Tridgell. Samba is now developed
    3333        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/log2pcap.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>log2pcap</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="log2pcap.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>log2pcap &#8212; Extract network traces from Samba log files</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">log2pcap</code>  [-h] [-q] [logfile] [pcap_file]</p></div></div><div class="refsect1" lang="en"><a name="id230792"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">log2pcap</strong></span> reads in a
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>log2pcap</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="log2pcap.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>log2pcap &#8212; Extract network traces from Samba log files</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">log2pcap</code>  [-h] [-q] [logfile] [pcap_file]</p></div></div><div class="refsect1" lang="en"><a name="id259321"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">log2pcap</strong></span> reads in a
    22        samba log file and generates a pcap file (readable
    33        by most sniffers, such as ethereal or tcpdump) based on the packet
     
    66        right, <code class="constant">10</code> to get the first 512 data bytes of the
    77        packet and <code class="constant">50</code> to get the whole packet.
    8         </p></div><div class="refsect1" lang="en"><a name="id231165"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-h</span></dt><dd><p>If this parameter is
     8        </p></div><div class="refsect1" lang="en"><a name="id259582"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-h</span></dt><dd><p>If this parameter is
    99                specified the output file will be a
    1010                hex dump, in a format that is readable
     
    1818                to stdout.
    1919                </p></dd><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
    20 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id231439"></a><h2>EXAMPLES</h2><p>Extract all network traffic from all samba log files:</p><pre class="programlisting">
     20</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id259405"></a><h2>EXAMPLES</h2><p>Extract all network traffic from all samba log files:</p><pre class="programlisting">
    2121                        <code class="prompt">$</code> log2pcap &lt; /var/log/* &gt; trace.pcap
    2222        </pre><p>Convert to pcap using text2pcap:</p><pre class="programlisting">
    2323        <code class="prompt">$</code> log2pcap -h samba.log | text2pcap -T 139,139 - trace.pcap
    24         </pre></div><div class="refsect1" lang="en"><a name="id231478"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id231487"></a><h2>BUGS</h2><p>Only SMB data is extracted from the samba logs, no LDAP,
     24        </pre></div><div class="refsect1" lang="en"><a name="id260358"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id260368"></a><h2>BUGS</h2><p>Only SMB data is extracted from the samba logs, no LDAP,
    2525        NetBIOS lookup or other data.</p><p>The generated TCP and IP headers don't contain a valid
    26         checksum.</p></div><div class="refsect1" lang="en"><a name="id231502"></a><h2>SEE ALSO</h2><p><a href="text2pcap.1.html"><span class="citerefentry"><span class="refentrytitle">text2pcap</span>(1)</span></a>, <a href="ethereal.1.html"><span class="citerefentry"><span class="refentrytitle">ethereal</span>(1)</span></a></p></div><div class="refsect1" lang="en"><a name="id231524"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     26        checksum.</p></div><div class="refsect1" lang="en"><a name="id260383"></a><h2>SEE ALSO</h2><p><a href="text2pcap.1.html"><span class="citerefentry"><span class="refentrytitle">text2pcap</span>(1)</span></a>, <a href="ethereal.1.html"><span class="citerefentry"><span class="refentrytitle">ethereal</span>(1)</span></a></p></div><div class="refsect1" lang="en"><a name="id260406"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    2727        were created by Andrew Tridgell. Samba is now developed
    2828        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/mount.cifs.8.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>mount.cifs</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="mount.cifs.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>mount.cifs &#8212; mount using the Common Internet File System (CIFS)</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">mount.cifs</code>  {service} {mount-point} [-o options]</p></div></div><div class="refsect1" lang="en"><a name="id230784"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>mount.cifs mounts a Linux CIFS filesystem. It
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>mount.cifs</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="mount.cifs.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>mount.cifs &#8212; mount using the Common Internet File System (CIFS)</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">mount.cifs</code>  {service} {mount-point} [-o options]</p></div></div><div class="refsect1" lang="en"><a name="id259314"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>mount.cifs mounts a Linux CIFS filesystem. It
    22is usually invoked indirectly by
    33the <a href="mount.8.html"><span class="citerefentry"><span class="refentrytitle">mount</span>(8)</span></a> command when using the
     
    2121        </p><p><span class="emphasis"><em>mount.cifs</em></span> causes the cifs vfs to launch a thread named cifsd. After mounting it keeps running until
    2222                the mounted resource is unmounted (usually via the umount utility).
    23         </p></div><div class="refsect1" lang="en"><a name="id231168"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">user=<em class="replaceable"><code>arg</code></em></span></dt><dd><p>specifies the username to connect as. If
     23        </p></div><div class="refsect1" lang="en"><a name="id259585"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">user=<em class="replaceable"><code>arg</code></em></span></dt><dd><p>specifies the username to connect as. If
    2424                                this is not given, then the environment variable <span class="emphasis"><em>USER</em></span> is used. This option can also take the
    2525form "user%password" or "workgroup/user" or
     
    164164                </p></dd><dt><span class="term">noserverino</span></dt><dd><p>client generates inode numbers (rather than using the actual one
    165165                from the server) by default.
    166                 </p></dd><dt><span class="term">nouser_xattr</span></dt><dd><p>(default) Do not allow getfattr/setfattr to get/set xattrs, even if server would support it otherwise. </p></dd><dt><span class="term">rsize=<em class="replaceable"><code>arg</code></em></span></dt><dd><p>default network read size</p></dd><dt><span class="term">wsize=<em class="replaceable"><code>arg</code></em></span></dt><dd><p>default network write size</p></dd><dt><span class="term">--verbose</span></dt><dd><p>Print additional debugging information for the mount. Note that this parameter must be specified before the -o. For example:</p><p>mount -t cifs //server/share /mnt --verbose -o user=username</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272078"></a><h2>ENVIRONMENT VARIABLES</h2><p>
     166                </p></dd><dt><span class="term">nouser_xattr</span></dt><dd><p>(default) Do not allow getfattr/setfattr to get/set xattrs, even if server would support it otherwise. </p></dd><dt><span class="term">rsize=<em class="replaceable"><code>arg</code></em></span></dt><dd><p>default network read size</p></dd><dt><span class="term">wsize=<em class="replaceable"><code>arg</code></em></span></dt><dd><p>default network write size</p></dd><dt><span class="term">--verbose</span></dt><dd><p>Print additional debugging information for the mount. Note that this parameter must be specified before the -o. For example:</p><p>mount -t cifs //server/share /mnt --verbose -o user=username</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300777"></a><h2>ENVIRONMENT VARIABLES</h2><p>
    167167                The variable <span class="emphasis"><em>USER</em></span> may contain the username of the
    168168person to be used to authenticate to the server.
     
    176176of a file to read the password from. A single line of input is
    177177read and used as the password.
    178         </p></div><div class="refsect1" lang="en"><a name="id272109"></a><h2>NOTES</h2><p>This command may be used only by root, unless installed setuid, in which case the noeexec and nosuid mount flags are enabled.</p></div><div class="refsect1" lang="en"><a name="id272120"></a><h2>CONFIGURATION</h2><p>
     178        </p></div><div class="refsect1" lang="en"><a name="id300809"></a><h2>NOTES</h2><p>This command may be used only by root, unless installed setuid, in which case the noeexec and nosuid mount flags are enabled.</p></div><div class="refsect1" lang="en"><a name="id300820"></a><h2>CONFIGURATION</h2><p>
    179179The primary mechanism for making configuration changes and for reading
    180180debug information for the cifs vfs is via the Linux /proc filesystem.
     
    187187installation (device driver load).
    188188For more information see the kernel file <code class="filename">fs/cifs/README</code>.
    189 </p></div><div class="refsect1" lang="en"><a name="id272147"></a><h2>BUGS</h2><p>Mounting using the CIFS URL specification is currently not supported.
     189</p></div><div class="refsect1" lang="en"><a name="id300847"></a><h2>BUGS</h2><p>Mounting using the CIFS URL specification is currently not supported.
    190190        </p><p>The credentials file does not handle usernames or passwords with
    191191                leading space.</p><p>
     
    195195when reporting bugs (minimum: mount.cifs (try mount.cifs -V), kernel (see /proc/version) and
    196196server type you are trying to contact.
    197 </p></div><div class="refsect1" lang="en"><a name="id272168"></a><h2>VERSION</h2><p>This man page is correct for version 1.39 of
    198         the cifs vfs filesystem (roughly Linux kernel 2.6.15).</p></div><div class="refsect1" lang="en"><a name="id272178"></a><h2>SEE ALSO</h2><p>
     197</p></div><div class="refsect1" lang="en"><a name="id300867"></a><h2>VERSION</h2><p>This man page is correct for version 1.39 of
     198        the cifs vfs filesystem (roughly Linux kernel 2.6.15).</p></div><div class="refsect1" lang="en"><a name="id300878"></a><h2>SEE ALSO</h2><p>
    199199        Documentation/filesystems/cifs.txt and fs/cifs/README in the linux kernel
    200200        source tree may contain additional options and information.
    201 </p><p><a href="umount.cifs.8.html"><span class="citerefentry"><span class="refentrytitle">umount.cifs</span>(8)</span></a></p></div><div class="refsect1" lang="en"><a name="id272198"></a><h2>AUTHOR</h2><p>Steve French</p><p>The syntax and manpage were loosely based on that of smbmount. It
     201</p><p><a href="umount.cifs.8.html"><span class="citerefentry"><span class="refentrytitle">umount.cifs</span>(8)</span></a></p></div><div class="refsect1" lang="en"><a name="id300898"></a><h2>AUTHOR</h2><p>Steve French</p><p>The syntax and manpage were loosely based on that of smbmount. It
    202202                was converted to Docbook/XML by Jelmer Vernooij.</p><p>The maintainer of the Linux cifs vfs and the userspace
    203203                tool <span class="emphasis"><em>mount.cifs</em></span> is <a href="mailto:sfrench@samba.org" target="_top">Steve French</a>.
  • trunk/samba/docs/htmldocs/manpages/net.8.html

    r30 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>net</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="net.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>net &#8212; Tool for administration of Samba and remote
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>net</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="net.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>net &#8212; Tool for administration of Samba and remote
    22        CIFS servers.
    3         </p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">net</code>  {&lt;ads|rap|rpc&gt;} [-h] [-w workgroup] [-W myworkgroup] [-U user] [-I ip-address] [-p port] [-n myname] [-s conffile] [-S server] [-l] [-P] [-d debuglevel] [-V]</p></div></div><div class="refsect1" lang="en"><a name="id231193"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The samba net utility is meant to work just like the net utility
     3        </p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">net</code>  {&lt;ads|rap|rpc&gt;} [-h] [-w workgroup] [-W myworkgroup] [-U user] [-I ip-address] [-p port] [-n myname] [-s conffile] [-S server] [-l] [-P] [-d debuglevel] [-V]</p></div></div><div class="refsect1" lang="en"><a name="id259362"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The samba net utility is meant to work just like the net utility
    44        available for windows and DOS. The first argument should be used
    55        to specify the protocol to use when executing a certain command.
     
    88        argument is omitted, net will try to determine it automatically.
    99        Not all commands are available on all protocols.
    10         </p></div><div class="refsect1" lang="en"><a name="id231418"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
     10        </p></div><div class="refsect1" lang="en"><a name="id259387"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
    1111</p></dd><dt><span class="term">-w target-workgroup</span></dt><dd><p>
    1212                Sets target workgroup or domain. You have to specify
     
    2525                </p></dd><dt><span class="term">-n &lt;primary NetBIOS name&gt;</span></dt><dd><p>This option allows you to override
    2626the NetBIOS name that Samba uses for itself. This is identical
    27 to setting the <a class="indexterm" name="id231506"></a> parameter in the <code class="filename">smb.conf</code> file.
     27to setting the <a class="indexterm" name="id260390"></a> parameter in the <code class="filename">smb.conf</code> file.
    2828However, a command
    2929line setting will take precedence over settings in
     
    5454use only by developers and generate HUGE amounts of log
    5555data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    56 override the <a class="indexterm" name="id230555"></a> parameter
    57 in the <code class="filename">smb.conf</code> file.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id230572"></a><h2>COMMANDS</h2><div class="refsect2" lang="en"><a name="id230577"></a><h3>CHANGESECRETPW</h3><p>This command allows the Samba machine account password to be set from an external application
     56override the <a class="indexterm" name="id260134"></a> parameter
     57in the <code class="filename">smb.conf</code> file.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id260151"></a><h2>COMMANDS</h2><div class="refsect2" lang="en"><a name="id260156"></a><h3>CHANGESECRETPW</h3><p>This command allows the Samba machine account password to be set from an external application
    5858to a machine account password that has already been stored in Active Directory. DO NOT USE this command
    5959unless you know exactly what you are doing. The use of this command requires that the force flag (-f)
     
    6262this without care and attention as it will overwrite a legitimate machine password without warning.
    6363YOU HAVE BEEN WARNED.
    64 </p></div><div class="refsect2" lang="en"><a name="id230593"></a><h3>TIME</h3><p>The <span><strong class="command">NET TIME</strong></span> command allows you to view the time on a remote server
    65         or synchronise the time on the local server with the time on the remote server.</p><div class="refsect3" lang="en"><a name="id230609"></a><h4>TIME</h4><p>Without any options, the <span><strong class="command">NET TIME</strong></span> command
     64</p></div><div class="refsect2" lang="en"><a name="id260172"></a><h3>TIME</h3><p>The <span><strong class="command">NET TIME</strong></span> command allows you to view the time on a remote server
     65        or synchronise the time on the local server with the time on the remote server.</p><div class="refsect3" lang="en"><a name="id260188"></a><h4>TIME</h4><p>Without any options, the <span><strong class="command">NET TIME</strong></span> command
    6666displays the time on the remote server.
    67 </p></div><div class="refsect3" lang="en"><a name="id230625"></a><h4>TIME SYSTEM</h4><p>Displays the time on the remote server in a format ready for <span><strong class="command">/bin/date</strong></span></p></div><div class="refsect3" lang="en"><a name="id271740"></a><h4>TIME SET</h4><p>Tries to set the date and time of the local server to that on
    68 the remote server using <span><strong class="command">/bin/date</strong></span>. </p></div><div class="refsect3" lang="en"><a name="id271755"></a><h4>TIME ZONE</h4><p>Displays the timezone in hours from GMT on the remote computer.</p></div></div><div class="refsect2" lang="en"><a name="id271766"></a><h3>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</h3><p>
     67</p></div><div class="refsect3" lang="en"><a name="id260203"></a><h4>TIME SYSTEM</h4><p>Displays the time on the remote server in a format ready for <span><strong class="command">/bin/date</strong></span></p></div><div class="refsect3" lang="en"><a name="id300441"></a><h4>TIME SET</h4><p>Tries to set the date and time of the local server to that on
     68the remote server using <span><strong class="command">/bin/date</strong></span>. </p></div><div class="refsect3" lang="en"><a name="id300456"></a><h4>TIME ZONE</h4><p>Displays the timezone in hours from GMT on the remote computer.</p></div></div><div class="refsect2" lang="en"><a name="id300467"></a><h3>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</h3><p>
    6969Join a domain.  If the account already exists on the server, and
    7070[TYPE] is MEMBER, the machine will attempt to join automatically.
     
    8383and ldap, so it may need to be doubled or quadrupled to pass through,
    8484and it is not used as a delimiter.
    85 </p></div><div class="refsect2" lang="en"><a name="id271794"></a><h3>[RPC] OLDJOIN [options]</h3><p>Join a domain. Use the OLDJOIN option to join the domain
     85</p></div><div class="refsect2" lang="en"><a name="id300494"></a><h3>[RPC] OLDJOIN [options]</h3><p>Join a domain. Use the OLDJOIN option to join the domain
    8686using the old style of domain joining - you need to create a trust
    87 account in server manager first.</p></div><div class="refsect2" lang="en"><a name="id271805"></a><h3>[RPC|ADS] USER</h3><div class="refsect3" lang="en"><a name="id271810"></a><h4>[RPC|ADS] USER</h4><p>List all users</p></div><div class="refsect3" lang="en"><a name="id271820"></a><h4>[RPC|ADS] USER DELETE <em class="replaceable"><code>target</code></em></h4><p>Delete specified user</p></div><div class="refsect3" lang="en"><a name="id271833"></a><h4>[RPC|ADS] USER INFO <em class="replaceable"><code>target</code></em></h4><p>List the domain groups of a the specified user.</p></div><div class="refsect3" lang="en"><a name="id271846"></a><h4>[RPC|ADS] USER RENAME <em class="replaceable"><code>oldname</code></em> <em class="replaceable"><code>newname</code></em></h4><p>Rename specified user.</p></div><div class="refsect3" lang="en"><a name="id271862"></a><h4>[RPC|ADS] USER ADD <em class="replaceable"><code>name</code></em> [password] [-F user flags] [-C comment]</h4><p>Add specified user.</p></div></div><div class="refsect2" lang="en"><a name="id271877"></a><h3>[RPC|ADS] GROUP</h3><div class="refsect3" lang="en"><a name="id271882"></a><h4>[RPC|ADS] GROUP [misc options] [targets]</h4><p>List user groups.</p></div><div class="refsect3" lang="en"><a name="id271893"></a><h4>[RPC|ADS] GROUP DELETE <em class="replaceable"><code>name</code></em> [misc. options]</h4><p>Delete specified group.</p></div><div class="refsect3" lang="en"><a name="id271907"></a><h4>[RPC|ADS] GROUP ADD <em class="replaceable"><code>name</code></em> [-C comment]</h4><p>Create specified group.</p></div></div><div class="refsect2" lang="en"><a name="id271922"></a><h3>[RAP|RPC] SHARE</h3><div class="refsect3" lang="en"><a name="id271927"></a><h4>[RAP|RPC] SHARE [misc. options] [targets]</h4><p>Enumerates all exported resources (network shares) on target server.</p></div><div class="refsect3" lang="en"><a name="id271938"></a><h4>[RAP|RPC] SHARE ADD <em class="replaceable"><code>name=serverpath</code></em> [-C comment] [-M maxusers] [targets]</h4><p>Adds a share from a server (makes the export active). Maxusers
     87account in server manager first.</p></div><div class="refsect2" lang="en"><a name="id300505"></a><h3>[RPC|ADS] USER</h3><div class="refsect3" lang="en"><a name="id300510"></a><h4>[RPC|ADS] USER</h4><p>List all users</p></div><div class="refsect3" lang="en"><a name="id300520"></a><h4>[RPC|ADS] USER DELETE <em class="replaceable"><code>target</code></em></h4><p>Delete specified user</p></div><div class="refsect3" lang="en"><a name="id300532"></a><h4>[RPC|ADS] USER INFO <em class="replaceable"><code>target</code></em></h4><p>List the domain groups of a the specified user.</p></div><div class="refsect3" lang="en"><a name="id300545"></a><h4>[RPC|ADS] USER RENAME <em class="replaceable"><code>oldname</code></em> <em class="replaceable"><code>newname</code></em></h4><p>Rename specified user.</p></div><div class="refsect3" lang="en"><a name="id300561"></a><h4>[RPC|ADS] USER ADD <em class="replaceable"><code>name</code></em> [password] [-F user flags] [-C comment]</h4><p>Add specified user.</p></div></div><div class="refsect2" lang="en"><a name="id300576"></a><h3>[RPC|ADS] GROUP</h3><div class="refsect3" lang="en"><a name="id300582"></a><h4>[RPC|ADS] GROUP [misc options] [targets]</h4><p>List user groups.</p></div><div class="refsect3" lang="en"><a name="id300592"></a><h4>[RPC|ADS] GROUP DELETE <em class="replaceable"><code>name</code></em> [misc. options]</h4><p>Delete specified group.</p></div><div class="refsect3" lang="en"><a name="id300606"></a><h4>[RPC|ADS] GROUP ADD <em class="replaceable"><code>name</code></em> [-C comment]</h4><p>Create specified group.</p></div></div><div class="refsect2" lang="en"><a name="id300621"></a><h3>[RAP|RPC] SHARE</h3><div class="refsect3" lang="en"><a name="id300626"></a><h4>[RAP|RPC] SHARE [misc. options] [targets]</h4><p>Enumerates all exported resources (network shares) on target server.</p></div><div class="refsect3" lang="en"><a name="id300637"></a><h4>[RAP|RPC] SHARE ADD <em class="replaceable"><code>name=serverpath</code></em> [-C comment] [-M maxusers] [targets]</h4><p>Adds a share from a server (makes the export active). Maxusers
    8888specifies the number of users that can be connected to the
    89 share simultaneously.</p></div><div class="refsect3" lang="en"><a name="id271953"></a><h4>SHARE DELETE <em class="replaceable"><code>sharenam</code></em></h4><p>Delete specified share.</p></div></div><div class="refsect2" lang="en"><a name="id271967"></a><h3>[RPC|RAP] FILE</h3><div class="refsect3" lang="en"><a name="id271972"></a><h4>[RPC|RAP] FILE</h4><p>List all open files on remote server.</p></div><div class="refsect3" lang="en"><a name="id271983"></a><h4>[RPC|RAP] FILE CLOSE <em class="replaceable"><code>fileid</code></em></h4><p>Close file with specified <em class="replaceable"><code>fileid</code></em> on
    90 remote server.</p></div><div class="refsect3" lang="en"><a name="id271999"></a><h4>[RPC|RAP] FILE INFO <em class="replaceable"><code>fileid</code></em></h4><p>
     89share simultaneously.</p></div><div class="refsect3" lang="en"><a name="id300652"></a><h4>SHARE DELETE <em class="replaceable"><code>sharenam</code></em></h4><p>Delete specified share.</p></div></div><div class="refsect2" lang="en"><a name="id300666"></a><h3>[RPC|RAP] FILE</h3><div class="refsect3" lang="en"><a name="id300672"></a><h4>[RPC|RAP] FILE</h4><p>List all open files on remote server.</p></div><div class="refsect3" lang="en"><a name="id300682"></a><h4>[RPC|RAP] FILE CLOSE <em class="replaceable"><code>fileid</code></em></h4><p>Close file with specified <em class="replaceable"><code>fileid</code></em> on
     90remote server.</p></div><div class="refsect3" lang="en"><a name="id300698"></a><h4>[RPC|RAP] FILE INFO <em class="replaceable"><code>fileid</code></em></h4><p>
    9191Print information on specified <em class="replaceable"><code>fileid</code></em>.
    9292Currently listed are: file-id, username, locks, path, permissions.
    93 </p></div><div class="refsect3" lang="en"><a name="id272016"></a><h4>[RAP|RPC] FILE USER</h4><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div></div><div class="refsect2" lang="en"><a name="id272028"></a><h3>SESSION</h3><div class="refsect3" lang="en"><a name="id272034"></a><h4>RAP SESSION</h4><p>Without any other options, SESSION enumerates all active SMB/CIFS
    94 sessions on the target server.</p></div><div class="refsect3" lang="en"><a name="id272045"></a><h4>RAP SESSION DELETE|CLOSE <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Close the specified sessions.</p></div><div class="refsect3" lang="en"><a name="id272057"></a><h4>RAP SESSION INFO <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Give a list with all the open files in specified session.</p></div></div><div class="refsect2" lang="en"><a name="id272071"></a><h3>RAP SERVER <em class="replaceable"><code>DOMAIN</code></em></h3><p>List all servers in specified domain or workgroup. Defaults
    95 to local domain.</p></div><div class="refsect2" lang="en"><a name="id272084"></a><h3>RAP DOMAIN</h3><p>Lists all domains and workgroups visible on the
    96 current network.</p></div><div class="refsect2" lang="en"><a name="id272095"></a><h3>RAP PRINTQ</h3><div class="refsect3" lang="en"><a name="id272101"></a><h4>RAP PRINTQ LIST <em class="replaceable"><code>QUEUE_NAME</code></em></h4><p>Lists the specified print queue and print jobs on the server.
     93</p></div><div class="refsect3" lang="en"><a name="id300715"></a><h4>[RAP|RPC] FILE USER</h4><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div></div><div class="refsect2" lang="en"><a name="id300727"></a><h3>SESSION</h3><div class="refsect3" lang="en"><a name="id300733"></a><h4>RAP SESSION</h4><p>Without any other options, SESSION enumerates all active SMB/CIFS
     94sessions on the target server.</p></div><div class="refsect3" lang="en"><a name="id300744"></a><h4>RAP SESSION DELETE|CLOSE <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Close the specified sessions.</p></div><div class="refsect3" lang="en"><a name="id300757"></a><h4>RAP SESSION INFO <em class="replaceable"><code>CLIENT_NAME</code></em></h4><p>Give a list with all the open files in specified session.</p></div></div><div class="refsect2" lang="en"><a name="id300771"></a><h3>RAP SERVER <em class="replaceable"><code>DOMAIN</code></em></h3><p>List all servers in specified domain or workgroup. Defaults
     95to local domain.</p></div><div class="refsect2" lang="en"><a name="id300784"></a><h3>RAP DOMAIN</h3><p>Lists all domains and workgroups visible on the
     96current network.</p></div><div class="refsect2" lang="en"><a name="id300794"></a><h3>RAP PRINTQ</h3><div class="refsect3" lang="en"><a name="id300800"></a><h4>RAP PRINTQ LIST <em class="replaceable"><code>QUEUE_NAME</code></em></h4><p>Lists the specified print queue and print jobs on the server.
    9797If the <em class="replaceable"><code>QUEUE_NAME</code></em> is omitted, all
    98 queues are listed.</p></div><div class="refsect3" lang="en"><a name="id272117"></a><h4>RAP PRINTQ DELETE <em class="replaceable"><code>JOBID</code></em></h4><p>Delete job with specified id.</p></div></div><div class="refsect2" lang="en"><a name="id272131"></a><h3>RAP VALIDATE <em class="replaceable"><code>user</code></em> [<em class="replaceable"><code>password</code></em>]</h3><p>
     98queues are listed.</p></div><div class="refsect3" lang="en"><a name="id300817"></a><h4>RAP PRINTQ DELETE <em class="replaceable"><code>JOBID</code></em></h4><p>Delete job with specified id.</p></div></div><div class="refsect2" lang="en"><a name="id300830"></a><h3>RAP VALIDATE <em class="replaceable"><code>user</code></em> [<em class="replaceable"><code>password</code></em>]</h3><p>
    9999Validate whether the specified user can log in to the
    100100remote server. If the password is not specified on the commandline, it
    101101will be prompted.
    102 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id272154"></a><h3>RAP GROUPMEMBER</h3><div class="refsect3" lang="en"><a name="id272160"></a><h4>RAP GROUPMEMBER LIST <em class="replaceable"><code>GROUP</code></em></h4><p>List all members of the specified group.</p></div><div class="refsect3" lang="en"><a name="id272172"></a><h4>RAP GROUPMEMBER DELETE <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Delete member from group.</p></div><div class="refsect3" lang="en"><a name="id272188"></a><h4>RAP GROUPMEMBER ADD <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Add member to group.</p></div></div><div class="refsect2" lang="en"><a name="id272206"></a><h3>RAP ADMIN <em class="replaceable"><code>command</code></em></h3><p>Execute the specified <em class="replaceable"><code>command</code></em> on
     102</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id300853"></a><h3>RAP GROUPMEMBER</h3><div class="refsect3" lang="en"><a name="id300859"></a><h4>RAP GROUPMEMBER LIST <em class="replaceable"><code>GROUP</code></em></h4><p>List all members of the specified group.</p></div><div class="refsect3" lang="en"><a name="id300872"></a><h4>RAP GROUPMEMBER DELETE <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Delete member from group.</p></div><div class="refsect3" lang="en"><a name="id300888"></a><h4>RAP GROUPMEMBER ADD <em class="replaceable"><code>GROUP</code></em> <em class="replaceable"><code>USER</code></em></h4><p>Add member to group.</p></div></div><div class="refsect2" lang="en"><a name="id300905"></a><h3>RAP ADMIN <em class="replaceable"><code>command</code></em></h3><p>Execute the specified <em class="replaceable"><code>command</code></em> on
    103103the remote server. Only works with OS/2 servers.
    104 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id272227"></a><h3>RAP SERVICE</h3><div class="refsect3" lang="en"><a name="id272232"></a><h4>RAP SERVICE START <em class="replaceable"><code>NAME</code></em> [arguments...]</h4><p>Start the specified service on the remote server. Not implemented yet.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect3" lang="en"><a name="id272251"></a><h4>RAP SERVICE STOP</h4><p>Stop the specified service on the remote server.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div></div><div class="refsect2" lang="en"><a name="id272267"></a><h3>RAP PASSWORD <em class="replaceable"><code>USER</code></em> <em class="replaceable"><code>OLDPASS</code></em> <em class="replaceable"><code>NEWPASS</code></em></h3><p>
     104</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect2" lang="en"><a name="id300926"></a><h3>RAP SERVICE</h3><div class="refsect3" lang="en"><a name="id300932"></a><h4>RAP SERVICE START <em class="replaceable"><code>NAME</code></em> [arguments...]</h4><p>Start the specified service on the remote server. Not implemented yet.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect3" lang="en"><a name="id300950"></a><h4>RAP SERVICE STOP</h4><p>Stop the specified service on the remote server.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div></div><div class="refsect2" lang="en"><a name="id300967"></a><h3>RAP PASSWORD <em class="replaceable"><code>USER</code></em> <em class="replaceable"><code>OLDPASS</code></em> <em class="replaceable"><code>NEWPASS</code></em></h3><p>
    105105Change password of <em class="replaceable"><code>USER</code></em> from <em class="replaceable"><code>OLDPASS</code></em> to <em class="replaceable"><code>NEWPASS</code></em>.
    106 </p></div><div class="refsect2" lang="en"><a name="id272298"></a><h3>LOOKUP</h3><div class="refsect3" lang="en"><a name="id272303"></a><h4>LOOKUP HOST <em class="replaceable"><code>HOSTNAME</code></em> [<em class="replaceable"><code>TYPE</code></em>]</h4><p>
     106</p></div><div class="refsect2" lang="en"><a name="id300997"></a><h3>LOOKUP</h3><div class="refsect3" lang="en"><a name="id301003"></a><h4>LOOKUP HOST <em class="replaceable"><code>HOSTNAME</code></em> [<em class="replaceable"><code>TYPE</code></em>]</h4><p>
    107107Lookup the IP address of the given host with the specified type (netbios suffix).
    108108The type defaults to 0x20 (workstation).
    109 </p></div><div class="refsect3" lang="en"><a name="id272321"></a><h4>LOOKUP LDAP [<em class="replaceable"><code>DOMAIN</code></em></h4><p>Give IP address of LDAP server of specified <em class="replaceable"><code>DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id272338"></a><h4>LOOKUP KDC [<em class="replaceable"><code>REALM</code></em>]</h4><p>Give IP address of KDC for the specified <em class="replaceable"><code>REALM</code></em>.
    110 Defaults to local realm.</p></div><div class="refsect3" lang="en"><a name="id272356"></a><h4>LOOKUP DC [<em class="replaceable"><code>DOMAIN</code></em>]</h4><p>Give IP's of Domain Controllers for specified <em class="replaceable"><code>
    111 DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id272374"></a><h4>LOOKUP MASTER <em class="replaceable"><code>DOMAIN</code></em></h4><p>Give IP of master browser for specified <em class="replaceable"><code>DOMAIN</code></em>
    112 or workgroup. Defaults to local domain.</p></div></div><div class="refsect2" lang="en"><a name="id272391"></a><h3>CACHE</h3><p>Samba uses a general caching interface called 'gencache'. It
     109</p></div><div class="refsect3" lang="en"><a name="id301021"></a><h4>LOOKUP LDAP [<em class="replaceable"><code>DOMAIN</code></em></h4><p>Give IP address of LDAP server of specified <em class="replaceable"><code>DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id301037"></a><h4>LOOKUP KDC [<em class="replaceable"><code>REALM</code></em>]</h4><p>Give IP address of KDC for the specified <em class="replaceable"><code>REALM</code></em>.
     110Defaults to local realm.</p></div><div class="refsect3" lang="en"><a name="id301055"></a><h4>LOOKUP DC [<em class="replaceable"><code>DOMAIN</code></em>]</h4><p>Give IP's of Domain Controllers for specified <em class="replaceable"><code>
     111DOMAIN</code></em>. Defaults to local domain.</p></div><div class="refsect3" lang="en"><a name="id301073"></a><h4>LOOKUP MASTER <em class="replaceable"><code>DOMAIN</code></em></h4><p>Give IP of master browser for specified <em class="replaceable"><code>DOMAIN</code></em>
     112or workgroup. Defaults to local domain.</p></div></div><div class="refsect2" lang="en"><a name="id301091"></a><h3>CACHE</h3><p>Samba uses a general caching interface called 'gencache'. It
    113113can be controlled using 'NET CACHE'.</p><p>All the timeout parameters support the suffixes:
    114114
    115115</p><table class="simplelist" border="0" summary="Simple list"><tr><td>s - Seconds</td></tr><tr><td>m - Minutes</td></tr><tr><td>h - Hours</td></tr><tr><td>d - Days</td></tr><tr><td>w - Weeks</td></tr></table><p>
    116116
    117 </p><div class="refsect3" lang="en"><a name="id272428"></a><h4>CACHE ADD <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Add specified key+data to the cache with the given timeout.</p></div><div class="refsect3" lang="en"><a name="id272447"></a><h4>CACHE DEL <em class="replaceable"><code>key</code></em></h4><p>Delete key from the cache.</p></div><div class="refsect3" lang="en"><a name="id272460"></a><h4>CACHE SET <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Update data of existing cache entry.</p></div><div class="refsect3" lang="en"><a name="id272479"></a><h4>CACHE SEARCH <em class="replaceable"><code>PATTERN</code></em></h4><p>Search for the specified pattern in the cache data.</p></div><div class="refsect3" lang="en"><a name="id272492"></a><h4>CACHE LIST</h4><p>
     117</p><div class="refsect3" lang="en"><a name="id301127"></a><h4>CACHE ADD <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Add specified key+data to the cache with the given timeout.</p></div><div class="refsect3" lang="en"><a name="id301146"></a><h4>CACHE DEL <em class="replaceable"><code>key</code></em></h4><p>Delete key from the cache.</p></div><div class="refsect3" lang="en"><a name="id301159"></a><h4>CACHE SET <em class="replaceable"><code>key</code></em> <em class="replaceable"><code>data</code></em> <em class="replaceable"><code>time-out</code></em></h4><p>Update data of existing cache entry.</p></div><div class="refsect3" lang="en"><a name="id301178"></a><h4>CACHE SEARCH <em class="replaceable"><code>PATTERN</code></em></h4><p>Search for the specified pattern in the cache data.</p></div><div class="refsect3" lang="en"><a name="id301191"></a><h4>CACHE LIST</h4><p>
    118118List all current items in the cache.
    119 </p></div><div class="refsect3" lang="en"><a name="id272502"></a><h4>CACHE FLUSH</h4><p>Remove all the current items from the cache.</p></div></div><div class="refsect2" lang="en"><a name="id272514"></a><h3>GETLOCALSID [DOMAIN]</h3><p>Print the SID of the specified domain, or if the parameter is
    120 omitted, the SID of the domain the local server is in.</p></div><div class="refsect2" lang="en"><a name="id272524"></a><h3>SETLOCALSID S-1-5-21-x-y-z</h3><p>Sets domain sid for the local server to the specified SID.</p></div><div class="refsect2" lang="en"><a name="id272535"></a><h3>GROUPMAP</h3><p>Manage the mappings between Windows group SIDs and UNIX groups.
     119</p></div><div class="refsect3" lang="en"><a name="id301201"></a><h4>CACHE FLUSH</h4><p>Remove all the current items from the cache.</p></div></div><div class="refsect2" lang="en"><a name="id301213"></a><h3>GETLOCALSID [DOMAIN]</h3><p>Print the SID of the specified domain, or if the parameter is
     120omitted, the SID of the domain the local server is in.</p></div><div class="refsect2" lang="en"><a name="id301224"></a><h3>SETLOCALSID S-1-5-21-x-y-z</h3><p>Sets domain sid for the local server to the specified SID.</p></div><div class="refsect2" lang="en"><a name="id301234"></a><h3>GROUPMAP</h3><p>Manage the mappings between Windows group SIDs and UNIX groups.
    121121Parameters take the for "parameter=value".  Common options include:</p><div class="itemizedlist"><ul type="disc"><li><p>unixgroup - Name of the UNIX group</p></li><li><p>ntgroup - Name of the Windows NT group (must be
    122122  resolvable to a SID</p></li><li><p>rid - Unsigned 32-bit integer</p></li><li><p>sid - Full SID in the form of "S-1-..."</p></li><li><p>type - Type of the group; either 'domain', 'local',
    123   or 'builtin'</p></li><li><p>comment - Freeform text description of the group</p></li></ul></div><div class="refsect3" lang="en"><a name="id272577"></a><h4>GROUPMAP ADD</h4><p>
     123  or 'builtin'</p></li><li><p>comment - Freeform text description of the group</p></li></ul></div><div class="refsect3" lang="en"><a name="id301276"></a><h4>GROUPMAP ADD</h4><p>
    124124Add a new group mapping entry:
    125125</p><pre class="programlisting">
     
    127127      [type={domain|local}] [ntgroup=string] [comment=string]
    128128</pre><p>
    129 </p></div><div class="refsect3" lang="en"><a name="id272594"></a><h4>GROUPMAP DELETE</h4><p>Delete a group mapping entry. If more then one group name matches, the first entry found is deleted.</p><p>net groupmap delete {ntgroup=string|sid=SID}</p></div><div class="refsect3" lang="en"><a name="id272608"></a><h4>GROUPMAP MODIFY</h4><p>Update en existing group entry</p><p>
     129</p></div><div class="refsect3" lang="en"><a name="id301293"></a><h4>GROUPMAP DELETE</h4><p>Delete a group mapping entry. If more then one group name matches, the first entry found is deleted.</p><p>net groupmap delete {ntgroup=string|sid=SID}</p></div><div class="refsect3" lang="en"><a name="id301308"></a><h4>GROUPMAP MODIFY</h4><p>Update en existing group entry</p><p>
    130130</p><pre class="programlisting">
    131131net groupmap modify {ntgroup=string|sid=SID} [unixgroup=string] \
    132132       [comment=string] [type={domain|local}]
    133133</pre><p>
    134 </p></div><div class="refsect3" lang="en"><a name="id272628"></a><h4>GROUPMAP LIST</h4><p>List existing group mapping entries</p><p>net groupmap list [verbose] [ntgroup=string] [sid=SID]</p></div></div><div class="refsect2" lang="en"><a name="id272644"></a><h3>MAXRID</h3><p>Prints out the highest RID currently in use on the local
     134</p></div><div class="refsect3" lang="en"><a name="id301328"></a><h4>GROUPMAP LIST</h4><p>List existing group mapping entries</p><p>net groupmap list [verbose] [ntgroup=string] [sid=SID]</p></div></div><div class="refsect2" lang="en"><a name="id301343"></a><h3>MAXRID</h3><p>Prints out the highest RID currently in use on the local
    135135server (by the active 'passdb backend').
    136 </p></div><div class="refsect2" lang="en"><a name="id272654"></a><h3>RPC INFO</h3><p>Print information about the domain of the remote server,
     136</p></div><div class="refsect2" lang="en"><a name="id301354"></a><h3>RPC INFO</h3><p>Print information about the domain of the remote server,
    137137such as domain name, domain sid and number of users and groups.
    138 </p></div><div class="refsect2" lang="en"><a name="id272665"></a><h3>[RPC|ADS] TESTJOIN</h3><p>Check whether participation in a domain is still valid.</p></div><div class="refsect2" lang="en"><a name="id272676"></a><h3>[RPC|ADS] CHANGETRUSTPW</h3><p>Force change of domain trust password.</p></div><div class="refsect2" lang="en"><a name="id272686"></a><h3>RPC TRUSTDOM</h3><div class="refsect3" lang="en"><a name="id272692"></a><h4>RPC TRUSTDOM ADD <em class="replaceable"><code>DOMAIN</code></em></h4><p>Add a interdomain trust account for
     138</p></div><div class="refsect2" lang="en"><a name="id301365"></a><h3>[RPC|ADS] TESTJOIN</h3><p>Check whether participation in a domain is still valid.</p></div><div class="refsect2" lang="en"><a name="id301375"></a><h3>[RPC|ADS] CHANGETRUSTPW</h3><p>Force change of domain trust password.</p></div><div class="refsect2" lang="en"><a name="id301385"></a><h3>RPC TRUSTDOM</h3><div class="refsect3" lang="en"><a name="id301391"></a><h4>RPC TRUSTDOM ADD <em class="replaceable"><code>DOMAIN</code></em></h4><p>Add a interdomain trust account for
    139139<em class="replaceable"><code>DOMAIN</code></em> to the remote server.
    140 </p></div><div class="refsect3" lang="en"><a name="id272708"></a><h4>RPC TRUSTDOM DEL <em class="replaceable"><code>DOMAIM</code></em></h4><p>Remove interdomain trust account for
     140</p></div><div class="refsect3" lang="en"><a name="id301407"></a><h4>RPC TRUSTDOM DEL <em class="replaceable"><code>DOMAIM</code></em></h4><p>Remove interdomain trust account for
    141141<em class="replaceable"><code>DOMAIN</code></em> from the remote server.
    142 </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect3" lang="en"><a name="id272729"></a><h4>RPC TRUSTDOM ESTABLISH <em class="replaceable"><code>DOMAIN</code></em></h4><p>
     142</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Currently NOT implemented.</p></div></div><div class="refsect3" lang="en"><a name="id301429"></a><h4>RPC TRUSTDOM ESTABLISH <em class="replaceable"><code>DOMAIN</code></em></h4><p>
    143143Establish a trust relationship to a trusting domain.
    144144Interdomain account must already be created on the remote PDC.
    145 </p></div><div class="refsect3" lang="en"><a name="id272743"></a><h4>RPC TRUSTDOM REVOKE <em class="replaceable"><code>DOMAIN</code></em></h4><p>Abandon relationship to trusted domain</p></div><div class="refsect3" lang="en"><a name="id272755"></a><h4>RPC TRUSTDOM LIST</h4><p>List all current interdomain trust relationships.</p></div><div class="refsect3" lang="en"><a name="id272766"></a><h4>RPC RIGHTS</h4><p>This subcommand is used to view and manage Samba's rights assignments (also
     145</p></div><div class="refsect3" lang="en"><a name="id301442"></a><h4>RPC TRUSTDOM REVOKE <em class="replaceable"><code>DOMAIN</code></em></h4><p>Abandon relationship to trusted domain</p></div><div class="refsect3" lang="en"><a name="id301455"></a><h4>RPC TRUSTDOM LIST</h4><p>List all current interdomain trust relationships.</p></div><div class="refsect3" lang="en"><a name="id301465"></a><h4>RPC RIGHTS</h4><p>This subcommand is used to view and manage Samba's rights assignments (also
    146146referred to as privileges).  There are three options current available:
    147147<em class="parameter"><code>list</code></em>, <em class="parameter"><code>grant</code></em>, and
    148148<em class="parameter"><code>revoke</code></em>.  More details on Samba's privilege model and its use
    149 can be found in the Samba-HOWTO-Collection.</p></div></div><div class="refsect2" lang="en"><a name="id272797"></a><h3>RPC ABORTSHUTDOWN</h3><p>Abort the shutdown of a remote server.</p></div><div class="refsect2" lang="en"><a name="id272807"></a><h3>RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]</h3><p>Shut down the remote server.</p><div class="variablelist"><dl><dt><span class="term">-r</span></dt><dd><p>
     149can be found in the Samba-HOWTO-Collection.</p></div></div><div class="refsect2" lang="en"><a name="id301496"></a><h3>RPC ABORTSHUTDOWN</h3><p>Abort the shutdown of a remote server.</p></div><div class="refsect2" lang="en"><a name="id301506"></a><h3>RPC SHUTDOWN [-t timeout] [-r] [-f] [-C message]</h3><p>Shut down the remote server.</p><div class="variablelist"><dl><dt><span class="term">-r</span></dt><dd><p>
    150150Reboot after shutdown.
    151151</p></dd><dt><span class="term">-f</span></dt><dd><p>
     
    155155user of the system can use this time to cancel the shutdown.
    156156</p></dd><dt><span class="term">-C message</span></dt><dd><p>Display the specified message on the screen to
    157 announce the shutdown.</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272867"></a><h3>RPC SAMDUMP</h3><p>Print out sam database of remote server. You need
    158 to run this against the PDC, from a Samba machine joined as a BDC. </p></div><div class="refsect2" lang="en"><a name="id272878"></a><h3>RPC VAMPIRE</h3><p>Export users, aliases and groups from remote server to
     157announce the shutdown.</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id301566"></a><h3>RPC SAMDUMP</h3><p>Print out sam database of remote server. You need
     158to run this against the PDC, from a Samba machine joined as a BDC. </p></div><div class="refsect2" lang="en"><a name="id301577"></a><h3>RPC VAMPIRE</h3><p>Export users, aliases and groups from remote server to
    159159local server.  You need to run this against the PDC, from a Samba machine joined as a BDC.
    160 </p></div><div class="refsect2" lang="en"><a name="id272889"></a><h3>RPC GETSID</h3><p>Fetch domain SID and store it in the local <code class="filename">secrets.tdb</code>. </p></div><div class="refsect2" lang="en"><a name="id272905"></a><h3>ADS LEAVE</h3><p>Make the remote host leave the domain it is part of. </p></div><div class="refsect2" lang="en"><a name="id272915"></a><h3>ADS STATUS</h3><p>Print out status of machine account of the local machine in ADS.
     160</p></div><div class="refsect2" lang="en"><a name="id301588"></a><h3>RPC GETSID</h3><p>Fetch domain SID and store it in the local <code class="filename">secrets.tdb</code>. </p></div><div class="refsect2" lang="en"><a name="id301604"></a><h3>ADS LEAVE</h3><p>Make the remote host leave the domain it is part of. </p></div><div class="refsect2" lang="en"><a name="id301615"></a><h3>ADS STATUS</h3><p>Print out status of machine account of the local machine in ADS.
    161161Prints out quite some debug info. Aimed at developers, regular
    162 users should use <span><strong class="command">NET ADS TESTJOIN</strong></span>.</p></div><div class="refsect2" lang="en"><a name="id272932"></a><h3>ADS PRINTER</h3><div class="refsect3" lang="en"><a name="id272938"></a><h4>ADS PRINTER INFO [<em class="replaceable"><code>PRINTER</code></em>] [<em class="replaceable"><code>SERVER</code></em>]</h4><p>
     162users should use <span><strong class="command">NET ADS TESTJOIN</strong></span>.</p></div><div class="refsect2" lang="en"><a name="id301632"></a><h3>ADS PRINTER</h3><div class="refsect3" lang="en"><a name="id301637"></a><h4>ADS PRINTER INFO [<em class="replaceable"><code>PRINTER</code></em>] [<em class="replaceable"><code>SERVER</code></em>]</h4><p>
    163163Lookup info for <em class="replaceable"><code>PRINTER</code></em> on <em class="replaceable"><code>SERVER</code></em>. The printer name defaults to "*", the
    164 server name defaults to the local host.</p></div><div class="refsect3" lang="en"><a name="id272963"></a><h4>ADS PRINTER PUBLISH <em class="replaceable"><code>PRINTER</code></em></h4><p>Publish specified printer using ADS.</p></div><div class="refsect3" lang="en"><a name="id272976"></a><h4>ADS PRINTER REMOVE <em class="replaceable"><code>PRINTER</code></em></h4><p>Remove specified printer from ADS directory.</p></div></div><div class="refsect2" lang="en"><a name="id272990"></a><h3>ADS SEARCH <em class="replaceable"><code>EXPRESSION</code></em> <em class="replaceable"><code>ATTRIBUTES...</code></em></h3><p>Perform a raw LDAP search on a ADS server and dump the results. The
     164server name defaults to the local host.</p></div><div class="refsect3" lang="en"><a name="id301662"></a><h4>ADS PRINTER PUBLISH <em class="replaceable"><code>PRINTER</code></em></h4><p>Publish specified printer using ADS.</p></div><div class="refsect3" lang="en"><a name="id301675"></a><h4>ADS PRINTER REMOVE <em class="replaceable"><code>PRINTER</code></em></h4><p>Remove specified printer from ADS directory.</p></div></div><div class="refsect2" lang="en"><a name="id301689"></a><h3>ADS SEARCH <em class="replaceable"><code>EXPRESSION</code></em> <em class="replaceable"><code>ATTRIBUTES...</code></em></h3><p>Perform a raw LDAP search on a ADS server and dump the results. The
    165165expression is a standard LDAP search expression, and the
    166166attributes are a list of LDAP fields to show in the results.</p><p>Example: <strong class="userinput"><code>net ads search '(objectCategory=group)' sAMAccountName</code></strong>
    167 </p></div><div class="refsect2" lang="en"><a name="id273016"></a><h3>ADS DN <em class="replaceable"><code>DN</code></em> <em class="replaceable"><code>(attributes)</code></em></h3><p>
     167</p></div><div class="refsect2" lang="en"><a name="id301716"></a><h3>ADS DN <em class="replaceable"><code>DN</code></em> <em class="replaceable"><code>(attributes)</code></em></h3><p>
    168168Perform a raw LDAP search on a ADS server and dump the results. The
    169169DN standard LDAP DN, and the attributes are a list of LDAP fields
    170170to show in the result.
    171 </p><p>Example: <strong class="userinput"><code>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</code></strong></p></div><div class="refsect2" lang="en"><a name="id273042"></a><h3>ADS WORKGROUP</h3><p>Print out workgroup name for specified kerberos realm.</p></div><div class="refsect2" lang="en"><a name="id273052"></a><h3>SAM CREATEBUILTINGROUP &lt;NAME&gt;</h3><p>
     171</p><p>Example: <strong class="userinput"><code>net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' SAMAccountName</code></strong></p></div><div class="refsect2" lang="en"><a name="id301741"></a><h3>ADS WORKGROUP</h3><p>Print out workgroup name for specified kerberos realm.</p></div><div class="refsect2" lang="en"><a name="id301752"></a><h3>SAM CREATEBUILTINGROUP &lt;NAME&gt;</h3><p>
    172172(Re)Create a BUILTIN group.
    173173Only a wellknown set of BUILTIN groups can be created with this command.
     
    179179This command requires a running Winbindd with idmap allocation properly
    180180configured. The group gid will be allocated out of the winbindd range.
    181 </p></div><div class="refsect2" lang="en"><a name="id273067"></a><h3>SAM CREATELOCALGROUP &lt;NAME&gt;</h3><p>
     181</p></div><div class="refsect2" lang="en"><a name="id301766"></a><h3>SAM CREATELOCALGROUP &lt;NAME&gt;</h3><p>
    182182Create a LOCAL group (also known as Alias).
    183183
    184184This command requires a running Winbindd with idmap allocation properly
    185185configured. The group gid will be allocated out of the winbindd range.
    186 </p></div><div class="refsect2" lang="en"><a name="id273078"></a><h3>SAM MAPUNIXGROUP &lt;NAME&gt;</h3><p>
     186</p></div><div class="refsect2" lang="en"><a name="id301778"></a><h3>SAM DELETELOCALGROUP &lt;NAME&gt;</h3><p>
     187Delete an existing LOCAL group (also known as Alias).
     188
     189</p></div><div class="refsect2" lang="en"><a name="id301788"></a><h3>SAM MAPUNIXGROUP &lt;NAME&gt;</h3><p>
    187190Map an existing Unix group and make it a Domain Group, the domain group
    188191will have the same name.
    189 </p></div><div class="refsect2" lang="en"><a name="id273089"></a><h3>SAM ADDMEM &lt;GROUP&gt; &lt;MEMBER&gt;</h3><p>
     192</p></div><div class="refsect2" lang="en"><a name="id301799"></a><h3>SAM ADDMEM &lt;GROUP&gt; &lt;MEMBER&gt;</h3><p>
    190193Add a member to a Local group. The group can be specified only by name,
    191194the member can be specified by name or SID.
    192 </p></div><div class="refsect2" lang="en"><a name="id273101"></a><h3>SAM DELMEM  &lt;GROUP&gt; &lt;MEMBER&gt;</h3><p>
     195</p></div><div class="refsect2" lang="en"><a name="id301811"></a><h3>SAM DELMEM  &lt;GROUP&gt; &lt;MEMBER&gt;</h3><p>
    193196Remove a member from a Local group. The group and the member must be
    194197specified by name.
    195 </p></div><div class="refsect2" lang="en"><a name="id273112"></a><h3>SAM LISTMEM &lt;GROUP&gt;</h3><p>
     198</p></div><div class="refsect2" lang="en"><a name="id301822"></a><h3>SAM LISTMEM &lt;GROUP&gt;</h3><p>
    196199List Local group members. The group must be specified by name.
    197 </p></div><div class="refsect2" lang="en"><a name="id273123"></a><h3>SAM LIST &lt;users|groups|localgroups|builtin|workstations&gt; [verbose]</h3><p>
     200</p></div><div class="refsect2" lang="en"><a name="id301833"></a><h3>SAM LIST &lt;users|groups|localgroups|builtin|workstations&gt; [verbose]</h3><p>
    198201List the specified set of accounts by name. If verbose is specified,
    199202the rid and description is also provided for each account.
    200 </p></div><div class="refsect2" lang="en"><a name="id273135"></a><h3>SAM SHOW &lt;NAME&gt;</h3><p>
     203</p></div><div class="refsect2" lang="en"><a name="id301845"></a><h3>SAM SHOW &lt;NAME&gt;</h3><p>
    201204Show the full DOMAIN\\NAME the SID and the type for the corrisponding
    202205account.
    203 </p></div><div class="refsect2" lang="en"><a name="id273145"></a><h3>SAM SET HOMEDIR &lt;NAME&gt; &lt;DIRECTORY&gt;</h3><p>
     206</p></div><div class="refsect2" lang="en"><a name="id301855"></a><h3>SAM SET HOMEDIR &lt;NAME&gt; &lt;DIRECTORY&gt;</h3><p>
    204207Set the home directory for a user account.
    205 </p></div><div class="refsect2" lang="en"><a name="id273156"></a><h3>SAM SET PROFILEPATH &lt;NAME&gt; &lt;PATH&gt;</h3><p>
     208</p></div><div class="refsect2" lang="en"><a name="id301866"></a><h3>SAM SET PROFILEPATH &lt;NAME&gt; &lt;PATH&gt;</h3><p>
    206209Set the profile path for a user account.
    207 </p></div><div class="refsect2" lang="en"><a name="id273166"></a><h3>SAM SET COMMENT &lt;NAME&gt; &lt;COMMENT&gt;</h3><p>
     210</p></div><div class="refsect2" lang="en"><a name="id301876"></a><h3>SAM SET COMMENT &lt;NAME&gt; &lt;COMMENT&gt;</h3><p>
    208211Set the comment for a user or group account.
    209 </p></div><div class="refsect2" lang="en"><a name="id273177"></a><h3>SAM SET FULLNAME &lt;NAME&gt; &lt;FULL NAME&gt;</h3><p>
     212</p></div><div class="refsect2" lang="en"><a name="id301887"></a><h3>SAM SET FULLNAME &lt;NAME&gt; &lt;FULL NAME&gt;</h3><p>
    210213Set the full name for a user account.
    211 </p></div><div class="refsect2" lang="en"><a name="id273187"></a><h3>SAM SET LOGONSCRIPT &lt;NAME&gt; &lt;SCRIPT&gt;</h3><p>
     214</p></div><div class="refsect2" lang="en"><a name="id301897"></a><h3>SAM SET LOGONSCRIPT &lt;NAME&gt; &lt;SCRIPT&gt;</h3><p>
    212215Set the logon script for a user account.
    213 </p></div><div class="refsect2" lang="en"><a name="id273198"></a><h3>SAM SET HOMEDRIVE &lt;NAME&gt; &lt;DRIVE&gt;</h3><p>
     216</p></div><div class="refsect2" lang="en"><a name="id301908"></a><h3>SAM SET HOMEDRIVE &lt;NAME&gt; &lt;DRIVE&gt;</h3><p>
    214217Set the home drive for a user account.
    215 </p></div><div class="refsect2" lang="en"><a name="id273209"></a><h3>SAM SET WORKSTATIONS &lt;NAME&gt; &lt;WORKSTATIONS&gt;</h3><p>
     218</p></div><div class="refsect2" lang="en"><a name="id301919"></a><h3>SAM SET WORKSTATIONS &lt;NAME&gt; &lt;WORKSTATIONS&gt;</h3><p>
    216219Set the workstations a user account is allowed to log in from.
    217 </p></div><div class="refsect2" lang="en"><a name="id273219"></a><h3>SAM SET DISABLE &lt;NAME&gt;</h3><p>
     220</p></div><div class="refsect2" lang="en"><a name="id301929"></a><h3>SAM SET DISABLE &lt;NAME&gt;</h3><p>
    218221Set the "disabled" flag for a user account.
    219 </p></div><div class="refsect2" lang="en"><a name="id273230"></a><h3>SAM SET PWNOTREQ &lt;NAME&gt;</h3><p>
     222</p></div><div class="refsect2" lang="en"><a name="id301940"></a><h3>SAM SET PWNOTREQ &lt;NAME&gt;</h3><p>
    220223Set the "password not required" flag for a user account.
    221 </p></div><div class="refsect2" lang="en"><a name="id273241"></a><h3>SAM SET AUTOLOCK &lt;NAME&gt;</h3><p>
     224</p></div><div class="refsect2" lang="en"><a name="id301951"></a><h3>SAM SET AUTOLOCK &lt;NAME&gt;</h3><p>
    222225Set the "autolock" flag for a user account.
    223 </p></div><div class="refsect2" lang="en"><a name="id273251"></a><h3>SAM SET PWNOEXP &lt;NAME&gt;</h3><p>
     226</p></div><div class="refsect2" lang="en"><a name="id301961"></a><h3>SAM SET PWNOEXP &lt;NAME&gt;</h3><p>
    224227Set the "password do not expire" flag for a user account.
    225 </p></div><div class="refsect2" lang="en"><a name="id273262"></a><h3>SAM SET PWMUSTCHANGENOW &lt;NAME&gt; [yes|no]</h3><p>
     228</p></div><div class="refsect2" lang="en"><a name="id301972"></a><h3>SAM SET PWMUSTCHANGENOW &lt;NAME&gt; [yes|no]</h3><p>
    226229Set or unset the "password must change" flag fro a user account.
    227 </p></div><div class="refsect2" lang="en"><a name="id273273"></a><h3>SAM POLICY LIST</h3><p>
     230</p></div><div class="refsect2" lang="en"><a name="id301983"></a><h3>SAM POLICY LIST</h3><p>
    228231List the avilable account policies.
    229 </p></div><div class="refsect2" lang="en"><a name="id273283"></a><h3>SAM POLICY SHOW &lt;account policy&gt;</h3><p>
     232</p></div><div class="refsect2" lang="en"><a name="id301993"></a><h3>SAM POLICY SHOW &lt;account policy&gt;</h3><p>
    230233Show the account policy value.
    231 </p></div><div class="refsect2" lang="en"><a name="id273293"></a><h3>SAM POLICY SET &lt;account policy&gt; &lt;value&gt;</h3><p>
     234</p></div><div class="refsect2" lang="en"><a name="id302003"></a><h3>SAM POLICY SET &lt;account policy&gt; &lt;value&gt;</h3><p>
    232235Set a value for the account policy.
    233236Valid values can be: "forever", "never", "off", or a number.
    234 </p></div><div class="refsect2" lang="en"><a name="id273305"></a><h3>SAM PROVISION</h3><p>
     237</p></div><div class="refsect2" lang="en"><a name="id302015"></a><h3>SAM PROVISION</h3><p>
    235238Only available if ldapsam:editposix is set and winbindd is running.
    236239Properly populates the ldap tree with the basic accounts (Administrator)
    237240and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree.
    238 </p></div><div class="refsect2" lang="en"><a name="id273316"></a><h3>IDMAP DUMP &lt;output file&gt;</h3><p>
     241</p></div><div class="refsect2" lang="en"><a name="id302026"></a><h3>IDMAP DUMP &lt;output file&gt;</h3><p>
    239242Dumps the mappings in the specified output file.
    240 </p></div><div class="refsect2" lang="en"><a name="id273327"></a><h3>IDMAP RESTORE [input file]</h3><p>
     243</p></div><div class="refsect2" lang="en"><a name="id302037"></a><h3>IDMAP RESTORE [input file]</h3><p>
    241244Restore the mappings from the specified file or stdin.
    242 </p></div><div class="refsect2" lang="en"><a name="id273338"></a><h3>IDMAP SECRET &lt;DOMAIN&gt;|ALLOC &lt;secret&gt;</h3><p>
     245</p></div><div class="refsect2" lang="en"><a name="id302048"></a><h3>IDMAP SECRET &lt;DOMAIN&gt;|ALLOC &lt;secret&gt;</h3><p>
    243246Store a secret for the sepcified domain, used primarily for domains
    244247that use idmap_ldap as a backend. In this case the secret is used
    245248as the password for the user DN used to bind to the ldap server.
    246 </p></div><div class="refsect2" lang="en"><a name="id273350"></a><h3>USERSHARE</h3><p>Starting with version 3.0.23, a Samba server now supports the ability for
     249</p></div><div class="refsect2" lang="en"><a name="id302060"></a><h3>USERSHARE</h3><p>Starting with version 3.0.23, a Samba server now supports the ability for
    247250non-root users to add user define shares to be exported using the "net usershare"
    248251commands.
     
    273276</p><table class="simplelist" border="0" summary="Simple list"><tr><td>net usershare add sharename path [comment] [acl] [guest_ok=[y|n]] - to add or change a user defined share.</td></tr><tr><td>net usershare delete sharename - to delete a user defined share.</td></tr><tr><td>net usershare info [-l|--long] [wildcard sharename] - to print info about a user defined share.</td></tr><tr><td>net usershare list [-l|--long] [wildcard sharename] - to list user defined shares.</td></tr></table><p>
    274277
    275 </p><div class="refsect3" lang="en"><a name="id273396"></a><h4>USERSHARE ADD <em class="replaceable"><code>sharename</code></em> <em class="replaceable"><code>path</code></em> <em class="replaceable"><code>[comment]</code></em> <em class="replaceable"><code>[acl]</code></em> <em class="replaceable"><code>[guest_ok=[y|n]]</code></em></h4><p>
     278</p><div class="refsect3" lang="en"><a name="id302106"></a><h4>USERSHARE ADD <em class="replaceable"><code>sharename</code></em> <em class="replaceable"><code>path</code></em> <em class="replaceable"><code>[comment]</code></em> <em class="replaceable"><code>[acl]</code></em> <em class="replaceable"><code>[guest_ok=[y|n]]</code></em></h4><p>
    276279Add or replace a new user defined share, with name "sharename".
    277280</p><p>
     
    310313at connect time so will see the change immediately, there is no need
    311314to restart smbd on adding, deleting or changing a user defined share.
    312 </div><div class="refsect3" lang="en"><a name="id273460"></a><h4>USERSHARE DELETE <em class="replaceable"><code>sharename</code></em></h4><p>
     315</div><div class="refsect3" lang="en"><a name="id302170"></a><h4>USERSHARE DELETE <em class="replaceable"><code>sharename</code></em></h4><p>
    313316Deletes the user defined share by name. The Samba smbd daemon
    314317immediately notices this change, although it will not disconnect
    315318any users currently connected to the deleted share.
    316 </p></div><div class="refsect3" lang="en"><a name="id273474"></a><h4>USERSHARE INFO <em class="replaceable"><code>[-l|--long]</code></em> <em class="replaceable"><code>[wildcard sharename]</code></em></h4><p>
     319</p></div><div class="refsect3" lang="en"><a name="id302184"></a><h4>USERSHARE INFO <em class="replaceable"><code>[-l|--long]</code></em> <em class="replaceable"><code>[wildcard sharename]</code></em></h4><p>
    317320Get info on user defined shares owned by the current user matching the given pattern, or all users.
    318321</p><p>
     
    333336And is a list of the current settings of the user defined share that can be
    334337modified by the "net usershare add" command.
    335 </p></div><div class="refsect3" lang="en"><a name="id273502"></a><h4>USERSHARE LIST <em class="replaceable"><code>[-l|--long]</code></em> <em class="replaceable"><code>wildcard sharename</code></em></h4><p>
     338</p></div><div class="refsect3" lang="en"><a name="id302212"></a><h4>USERSHARE LIST <em class="replaceable"><code>[-l|--long]</code></em> <em class="replaceable"><code>wildcard sharename</code></em></h4><p>
    336339List all the user defined shares owned by the current user matching the given pattern, or all users.
    337340</p><p>
     
    341344If the '-l' or '--long' option is also given, it includes the names of user defined
    342345shares created by other users.
    343 </p></div></div><div class="refsect2" lang="en"><a name="id273526"></a><h3>HELP [COMMAND]</h3><p>Gives usage information for the specified command.</p></div></div><div class="refsect1" lang="en"><a name="id273538"></a><h2>VERSION</h2><p>This man page is complete for version 3.0 of the Samba
    344         suite.</p></div><div class="refsect1" lang="en"><a name="id273548"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     346</p></div></div><div class="refsect2" lang="en"><a name="id302236"></a><h3>HELP [COMMAND]</h3><p>Gives usage information for the specified command.</p></div></div><div class="refsect1" lang="en"><a name="id302248"></a><h2>VERSION</h2><p>This man page is complete for version 3.0 of the Samba
     347        suite.</p></div><div class="refsect1" lang="en"><a name="id302258"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    345348        were created by Andrew Tridgell. Samba is now developed
    346349        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/nmbd.8.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>nmbd</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="nmbd.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>nmbd &#8212; NetBIOS name server to provide NetBIOS
    2         over IP naming services to clients</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">nmbd</code>  [-D] [-F] [-S] [-a] [-i] [-o] [-h] [-V] [-d &lt;debug level&gt;] [-H &lt;lmhosts file&gt;] [-l &lt;log directory&gt;] [-p &lt;port number&gt;] [-s &lt;configuration file&gt;]</p></div></div><div class="refsect1" lang="en"><a name="id231186"></a><h2>DESCRIPTION</h2><p>This program is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">nmbd</strong></span> is a server that understands
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>nmbd</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="nmbd.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>nmbd &#8212; NetBIOS name server to provide NetBIOS
     2        over IP naming services to clients</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">nmbd</code>  [-D] [-F] [-S] [-a] [-i] [-o] [-h] [-V] [-d &lt;debug level&gt;] [-H &lt;lmhosts file&gt;] [-l &lt;log directory&gt;] [-p &lt;port number&gt;] [-s &lt;configuration file&gt;]</p></div></div><div class="refsect1" lang="en"><a name="id259605"></a><h2>DESCRIPTION</h2><p>This program is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">nmbd</strong></span> is a server that understands
    33        and can reply to NetBIOS over IP name service requests, like
    44        those produced by SMB/CIFS clients such as Windows 95/98/ME,
     
    1212        is running on.  Its "own NetBIOS name" is by
    1313        default the primary DNS name of the host it is running on,
    14         but this can be overridden by the <a class="indexterm" name="id231429"></a>netbios name
     14        but this can be overridden by the <a class="indexterm" name="id259397"></a>netbios name
    1515        in <code class="filename">smb.conf</code>. Thus <span><strong class="command">nmbd</strong></span> will
    1616        reply to broadcast queries for its own name(s). Additional
     
    2323        proxy, relaying broadcast queries from clients that do
    2424        not understand how to talk the WINS protocol to a WINS
    25         server.</p></div><div class="refsect1" lang="en"><a name="id231484"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-D</span></dt><dd><p>If specified, this parameter causes
     25        server.</p></div><div class="refsect1" lang="en"><a name="id260369"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-D</span></dt><dd><p>If specified, this parameter causes
    2626                <span><strong class="command">nmbd</strong></span> to operate as a daemon. That is,
    2727                it detaches itself and runs in the background, fielding
     
    5252                file is a list of NetBIOS names to IP addresses that
    5353                is loaded by the nmbd server and used via the name
    54                 resolution mechanism <a class="indexterm" name="id230575"></a>name resolve order described in <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> to resolve any
     54                resolution mechanism <a class="indexterm" name="id260151"></a>name resolve order described in <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> to resolve any
    5555                NetBIOS name queries needed by the server. Note
    5656                that the contents of this file are <span class="emphasis"><em>NOT</em></span>
     
    8181use only by developers and generate HUGE amounts of log
    8282data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    83 override the <a class="indexterm" name="id271795"></a> parameter
     83override the <a class="indexterm" name="id300494"></a> parameter
    8484in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    8585<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
     
    8989                that <span><strong class="command">nmbd</strong></span> responds to name queries on. Don't
    9090                use this option unless you are an expert, in which case you
    91                 won't need help!</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id271847"></a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term"><code class="filename">/etc/inetd.conf</code></span></dt><dd><p>If the server is to be run by the
     91                won't need help!</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300546"></a><h2>FILES</h2><div class="variablelist"><dl><dt><span class="term"><code class="filename">/etc/inetd.conf</code></span></dt><dd><p>If the server is to be run by the
    9292                <span><strong class="command">inetd</strong></span> meta-daemon, this file
    9393                must contain suitable startup information for the
     
    105105                install this file are <code class="filename">/usr/samba/lib/smb.conf</code>
    106106                and <code class="filename">/etc/samba/smb.conf</code>.</p><p>When run as a WINS server (see the
    107                         <a class="indexterm" name="id271954"></a>wins support
     107                        <a class="indexterm" name="id300653"></a>wins support
    108108                parameter in the <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> man page),
    109109                <span><strong class="command">nmbd</strong></span>
     
    111111                in the <code class="filename">var/locks</code> directory configured under
    112112                wherever Samba was configured to install itself.</p><p>If <span><strong class="command">nmbd</strong></span> is acting as a <span class="emphasis"><em>
    113                                 browse master</em></span> (see the <a class="indexterm" name="id272001"></a>local master
     113                                browse master</em></span> (see the <a class="indexterm" name="id300700"></a>local master
    114114                parameter in the <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a> man page, <span><strong class="command">nmbd</strong></span>
    115115                will store the browsing database in the file <code class="filename">browse.dat
    116116                </code> in the <code class="filename">var/locks</code> directory
    117117                configured under wherever Samba was configured to install itself.
    118                 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272039"></a><h2>SIGNALS</h2><p>To shut down an <span><strong class="command">nmbd</strong></span> process it is recommended
     118                </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300739"></a><h2>SIGNALS</h2><p>To shut down an <span><strong class="command">nmbd</strong></span> process it is recommended
    119119        that SIGKILL (-9) <span class="emphasis"><em>NOT</em></span> be used, except as a last
    120120        resort, as this may leave the name database in an inconsistent state.
     
    130130        are no longer used since Samba 2.2). This is to allow
    131131        transient problems to be diagnosed, whilst still running
    132         at a normally low log level.</p></div><div class="refsect1" lang="en"><a name="id272119"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
    133         the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id272130"></a><h2>SEE ALSO</h2><p>
     132        at a normally low log level.</p></div><div class="refsect1" lang="en"><a name="id300819"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
     133        the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id300829"></a><h2>SEE ALSO</h2><p>
    134134        <a href="inetd.8.html"><span class="citerefentry"><span class="refentrytitle">inetd</span>(8)</span></a>, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>, <a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a>, <a href="testprns.1.html"><span class="citerefentry"><span class="refentrytitle">testprns</span>(1)</span></a>, and the Internet
    135135        RFC's <code class="filename">rfc1001.txt</code>, <code class="filename">rfc1002.txt</code>.
    136136        In addition the CIFS (formerly SMB) specification is available
    137137        as a link from the Web page <a href="http://samba.org/cifs/" target="_top">
    138         http://samba.org/cifs/</a>.</p></div><div class="refsect1" lang="en"><a name="id272207"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     138        http://samba.org/cifs/</a>.</p></div><div class="refsect1" lang="en"><a name="id300907"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    139139        were created by Andrew Tridgell. Samba is now developed
    140140        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/nmblookup.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>nmblookup</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="nmblookup"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>nmblookup &#8212; NetBIOS over TCP/IP client used to lookup NetBIOS
    2         names</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">nmblookup</code>  [-M] [-R] [-S] [-r] [-A] [-h] [-B &lt;broadcast address&gt;] [-U &lt;unicast address&gt;] [-d &lt;debug level&gt;] [-s &lt;smb config file&gt;] [-i &lt;NetBIOS scope&gt;] [-T] [-f] {name}</p></div></div><div class="refsect1" lang="en"><a name="id231195"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">nmblookup</strong></span> is used to query NetBIOS names
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>nmblookup</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="nmblookup"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>nmblookup &#8212; NetBIOS over TCP/IP client used to lookup NetBIOS
     2        names</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">nmblookup</code>  [-M] [-R] [-S] [-r] [-A] [-h] [-B &lt;broadcast address&gt;] [-U &lt;unicast address&gt;] [-d &lt;debug level&gt;] [-s &lt;smb config file&gt;] [-i &lt;NetBIOS scope&gt;] [-T] [-f] {name}</p></div></div><div class="refsect1" lang="en"><a name="id259363"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">nmblookup</strong></span> is used to query NetBIOS names
    33        and map them to IP addresses in a network using NetBIOS over TCP/IP
    44        queries. The options allow the name queries to be directed at a
    55        particular IP broadcast area or to a particular machine. All queries
    6         are done over UDP.</p></div><div class="refsect1" lang="en"><a name="id231422"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-M</span></dt><dd><p>Searches for a master browser by looking
     6        are done over UDP.</p></div><div class="refsect1" lang="en"><a name="id259391"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-M</span></dt><dd><p>Searches for a master browser by looking
    77                up the  NetBIOS name <em class="replaceable"><code>name</code></em> with a
    88                type of <code class="constant">0x1d</code>. If <em class="replaceable"><code>
     
    2929                an IP Address and do a node status query on this address.</p></dd><dt><span class="term">-n &lt;primary NetBIOS name&gt;</span></dt><dd><p>This option allows you to override
    3030the NetBIOS name that Samba uses for itself. This is identical
    31 to setting the <a class="indexterm" name="id231536"></a> parameter in the <code class="filename">smb.conf</code> file.
     31to setting the <a class="indexterm" name="id260420"></a> parameter in the <code class="filename">smb.conf</code> file.
    3232However, a command
    3333line setting will take precedence over settings in
     
    7474use only by developers and generate HUGE amounts of log
    7575data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    76 override the <a class="indexterm" name="id271780"></a> parameter
     76override the <a class="indexterm" name="id300479"></a> parameter
    7777in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    7878<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
     
    8989                by appending '#&lt;type&gt;' to the name. This name may also be
    9090                '*', which will return all registered names within a broadcast
    91                 area.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id271859"></a><h2>EXAMPLES</h2><p><span><strong class="command">nmblookup</strong></span> can be used to query
     91                area.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300559"></a><h2>EXAMPLES</h2><p><span><strong class="command">nmblookup</strong></span> can be used to query
    9292                a WINS server (in the same way <span><strong class="command">nslookup</strong></span> is
    9393                used to query DNS servers). To query a WINS server, <span><strong class="command">nmblookup</strong></span>
    9494                must be called like this:</p><p><span><strong class="command">nmblookup -U server -R 'name'</strong></span></p><p>For example, running :</p><p><span><strong class="command">nmblookup -U samba.org -R 'IRIX#1B'</strong></span></p><p>would query the WINS server samba.org for the domain
    95                 master browser (1B name type) for the IRIX workgroup.</p></div><div class="refsect1" lang="en"><a name="id271909"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
    96         the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id271919"></a><h2>SEE ALSO</h2><p><a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>, and <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id271952"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     95                master browser (1B name type) for the IRIX workgroup.</p></div><div class="refsect1" lang="en"><a name="id300608"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
     96        the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id300619"></a><h2>SEE ALSO</h2><p><a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>, and <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id300651"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    9797        were created by Andrew Tridgell. Samba is now developed
    9898        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/ntlm_auth.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>ntlm_auth</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="ntlm-auth.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>ntlm_auth &#8212; tool to allow external access to Winbind's NTLM authentication function</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">ntlm_auth</code>  [-d debuglevel] [-l logdir] [-s &lt;smb config file&gt;]</p></div></div><div class="refsect1" lang="en"><a name="id230785"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">ntlm_auth</strong></span> is a helper utility that authenticates
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>ntlm_auth</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="ntlm-auth.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>ntlm_auth &#8212; tool to allow external access to Winbind's NTLM authentication function</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">ntlm_auth</code>  [-d debuglevel] [-l logdir] [-s &lt;smb config file&gt;]</p></div></div><div class="refsect1" lang="en"><a name="id259314"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">ntlm_auth</strong></span> is a helper utility that authenticates
    22        users using NT/LM authentication. It returns 0 if the users is authenticated
    33        successfully and 1 if access was denied. ntlm_auth uses winbind to access
     
    66        <a href="http://www.squid-cache.org/" target="_top">Squid</a>
    77        and <a href="http://download.samba.org/ftp/unpacked/lorikeet/trunk/mod_ntlm_winbind/" target="_top">mod_ntlm_winbind</a>)
    8         </p></div><div class="refsect1" lang="en"><a name="id231151"></a><h2>OPERATIONAL REQUIREMENTS</h2><p>
     8        </p></div><div class="refsect1" lang="en"><a name="id259568"></a><h2>OPERATIONAL REQUIREMENTS</h2><p>
    99    The <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon must be operational
    1010    for many of these commands to function.</p><p>Some of these commands also require access to the directory
     
    1313    this command as root or providing group access
    1414    to the <code class="filename">winbindd_privileged</code> directory.  For
    15     security reasons, this directory should not be world-accessable. </p></div><div class="refsect1" lang="en"><a name="id231192"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">--helper-protocol=PROTO</span></dt><dd><p>
     15    security reasons, this directory should not be world-accessable. </p></div><div class="refsect1" lang="en"><a name="id259359"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">--helper-protocol=PROTO</span></dt><dd><p>
    1616        Operate as a stdio-based helper.  Valid helper protocols are:
    1717        </p><div class="variablelist"><dl><dt><span class="term">squid-2.4-basic</span></dt><dd><p>
     
    6565                a newline.  They may also need to decode strings from
    6666                the helper, which likewise may have been base64 encoded.</div><dl><dt><span class="term">Username</span></dt><dd><p>The username, expected to be in
    67                 Samba's <a class="indexterm" name="id230552"></a>unix charset.
    68                 </p><div class="example"><a name="id230560"></a><p class="title"><b>Example 1. </b></p>Username: bob</div><div class="example"><a name="id230565"></a><p class="title"><b>Example 2. </b></p>Username:: Ym9i</div></dd><dt><span class="term">Username</span></dt><dd><p>The user's domain, expected to be in
    69                 Samba's <a class="indexterm" name="id230579"></a>unix charset.
    70                 </p><div class="example"><a name="id230588"></a><p class="title"><b>Example 3. </b></p>Domain: WORKGROUP</div><div class="example"><a name="id230593"></a><p class="title"><b>Example 4. </b></p>Domain:: V09SS0dST1VQ</div></dd><dt><span class="term">Full-Username</span></dt><dd><p>The fully qualified username, expected to be in
    71                 Samba's <a class="indexterm" name="id230606"></a> and qualified with the
    72                 <a class="indexterm" name="id230612"></a>winbind separator.
    73                 </p><div class="example"><a name="id230622"></a><p class="title"><b>Example 5. </b></p>Full-Username: WORKGROUP\bob</div><div class="example"><a name="id230626"></a><p class="title"><b>Example 6. </b></p>Full-Username:: V09SS0dST1VQYm9i</div></dd><dt><span class="term">LANMAN-Challenge</span></dt><dd><p>The 8 byte <span><strong class="command">LANMAN Challenge</strong></span> value,
     67                Samba's <a class="indexterm" name="id260130"></a>unix charset.
     68                </p><div class="example"><a name="id260139"></a><p class="title"><b>Example 1. </b></p><div class="example-contents">Username: bob</div></div><p><br class="example-break"></p><div class="example"><a name="id260143"></a><p class="title"><b>Example 2. </b></p><div class="example-contents">Username:: Ym9i</div></div><p><br class="example-break"></p></dd><dt><span class="term">Username</span></dt><dd><p>The user's domain, expected to be in
     69                Samba's <a class="indexterm" name="id260157"></a>unix charset.
     70                </p><div class="example"><a name="id260167"></a><p class="title"><b>Example 3. </b></p><div class="example-contents">Domain: WORKGROUP</div></div><p><br class="example-break"></p><div class="example"><a name="id260171"></a><p class="title"><b>Example 4. </b></p><div class="example-contents">Domain:: V09SS0dST1VQ</div></div><p><br class="example-break"></p></dd><dt><span class="term">Full-Username</span></dt><dd><p>The fully qualified username, expected to be in
     71                Samba's <a class="indexterm" name="id260184"></a> and qualified with the
     72                <a class="indexterm" name="id260190"></a>winbind separator.
     73                </p><div class="example"><a name="id260199"></a><p class="title"><b>Example 5. </b></p><div class="example-contents">Full-Username: WORKGROUP\bob</div></div><p><br class="example-break"></p><div class="example"><a name="id260204"></a><p class="title"><b>Example 6. </b></p><div class="example-contents">Full-Username:: V09SS0dST1VQYm9i</div></div><p><br class="example-break"></p></dd><dt><span class="term">LANMAN-Challenge</span></dt><dd><p>The 8 byte <span><strong class="command">LANMAN Challenge</strong></span> value,
    7474                generated randomly by the server, or (in cases such as
    7575                MSCHAPv2) generated in some way by both the server and
    7676                the client.
    77                 </p><div class="example"><a name="id271749"></a><p class="title"><b>Example 7. </b></p>LANMAN-Challege: 0102030405060708</div></dd><dt><span class="term">LANMAN-Response</span></dt><dd><p>The 24 byte <span><strong class="command">LANMAN Response</strong></span> value,
     77                </p><div class="example"><a name="id300450"></a><p class="title"><b>Example 7. </b></p><div class="example-contents">LANMAN-Challege: 0102030405060708</div></div><p><br class="example-break"></p></dd><dt><span class="term">LANMAN-Response</span></dt><dd><p>The 24 byte <span><strong class="command">LANMAN Response</strong></span> value,
    7878                calculated from the user's password and the supplied
    7979                <span><strong class="command">LANMAN Challenge</strong></span>.  Typically, this
    8080                is provided over the network by a client wishing to authenticate.
    81                 </p><div class="example"><a name="id271778"></a><p class="title"><b>Example 8. </b></p>LANMAN-Response: 0102030405060708090A0B0C0D0E0F101112131415161718</div></dd><dt><span class="term">NT-Response</span></dt><dd><p>The &gt;= 24 byte <span><strong class="command">NT Response</strong></span>
     81                </p><div class="example"><a name="id300478"></a><p class="title"><b>Example 8. </b></p><div class="example-contents">LANMAN-Response: 0102030405060708090A0B0C0D0E0F101112131415161718</div></div><p><br class="example-break"></p></dd><dt><span class="term">NT-Response</span></dt><dd><p>The &gt;= 24 byte <span><strong class="command">NT Response</strong></span>
    8282                calculated from the user's password and the supplied
    8383                <span><strong class="command">LANMAN Challenge</strong></span>.  Typically, this is
    8484                provided over the network by a client wishing to authenticate.
    85                  </p><div class="example"><a name="id271808"></a><p class="title"><b>Example 9. </b></p>NT-Response: 0102030405060708090A0B0C0D0E0F101112131415161718</div></dd><dt><span class="term">Password</span></dt><dd><p>The user's password.  This would be
     85                 </p><div class="example"><a name="id300508"></a><p class="title"><b>Example 9. </b></p><div class="example-contents">NT-Response: 0102030405060708090A0B0C0D0E0F101112131415161718</div></div><p><br class="example-break"></p></dd><dt><span class="term">Password</span></dt><dd><p>The user's password.  This would be
    8686                provided by a network client, if the helper is being
    8787                used in a legacy situation that exposes plaintext
    8888                passwords in this way.
    89                  </p><div class="example"><a name="id271826"></a><p class="title"><b>Example 10. </b></p>Password: samba2</div><div class="example"><a name="id271830"></a><p class="title"><b>Example 11. </b></p>Password:: c2FtYmEy</div></dd><dt><span class="term">Request-User-Session-Key</span></dt><dd><p>Apon sucessful authenticaiton, return
     89                 </p><div class="example"><a name="id300526"></a><p class="title"><b>Example 10. </b></p><div class="example-contents">Password: samba2</div></div><p><br class="example-break"></p><div class="example"><a name="id300530"></a><p class="title"><b>Example 11. </b></p><div class="example-contents">Password:: c2FtYmEy</div></div><p><br class="example-break"></p></dd><dt><span class="term">Request-User-Session-Key</span></dt><dd><p>Apon sucessful authenticaiton, return
    9090                the user session key associated with the login.
    91                  </p><div class="example"><a name="id271847"></a><p class="title"><b>Example 12. </b></p>Request-User-Session-Key: Yes</div></dd><dt><span class="term">Request-LanMan-Session-Key</span></dt><dd><p>Apon sucessful authenticaiton, return
     91                 </p><div class="example"><a name="id300547"></a><p class="title"><b>Example 12. </b></p><div class="example-contents">Request-User-Session-Key: Yes</div></div><p><br class="example-break"></p></dd><dt><span class="term">Request-LanMan-Session-Key</span></dt><dd><p>Apon sucessful authenticaiton, return
    9292                the LANMAN session key associated with the login.
    93                  </p><div class="example"><a name="id271864"></a><p class="title"><b>Example 13. </b></p>Request-LanMan-Session-Key: Yes</div></dd></dl></div></dd></dl></div></dd><dt><span class="term">--username=USERNAME</span></dt><dd><p>
     93                 </p><div class="example"><a name="id300564"></a><p class="title"><b>Example 13. </b></p><div class="example-contents">Request-LanMan-Session-Key: Yes</div></div><p><br class="example-break"></p></dd></dl></div></dd></dl></div></dd><dt><span class="term">--username=USERNAME</span></dt><dd><p>
    9494        Specify username of user to authenticate
    9595        </p></dd><dt><span class="term">--domain=DOMAIN</span></dt><dd><p>
     
    124124use only by developers and generate HUGE amounts of log
    125125data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    126 override the <a class="indexterm" name="id272086"></a> parameter
     126override the <a class="indexterm" name="id300786"></a> parameter
    127127in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    128128<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
    129129log.smbd, etc...). The log file is never removed by the client.
    130130</p></dd><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
    131 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272131"></a><h2>EXAMPLE SETUP</h2><p>To setup ntlm_auth for use by squid 2.5, with both basic and
     131</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300830"></a><h2>EXAMPLE SETUP</h2><p>To setup ntlm_auth for use by squid 2.5, with both basic and
    132132        NTLMSSP authentication, the following
    133133        should be placed in the <code class="filename">squid.conf</code> file.
     
    145145auth_param ntlm program ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of='WORKGROUP\Domain Users'
    146146auth_param basic program ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of='WORKGROUP\Domain Users'
    147 </pre></div><div class="refsect1" lang="en"><a name="id272183"></a><h2>TROUBLESHOOTING</h2><p>If you're experiencing problems with authenticating Internet Explorer running
     147</pre></div><div class="refsect1" lang="en"><a name="id300883"></a><h2>TROUBLESHOOTING</h2><p>If you're experiencing problems with authenticating Internet Explorer running
    148148        under MS Windows 9X or Millenium Edition against ntlm_auth's NTLMSSP authentication
    149149        helper (--helper-protocol=squid-2.5-ntlmssp), then please read
    150150        <a href="http://support.microsoft.com/support/kb/articles/Q239/8/69.ASP" target="_top">
    151151        the Microsoft Knowledge Base article #239869 and follow instructions described there</a>.
    152         </p></div><div class="refsect1" lang="en"><a name="id272202"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba
    153         suite.</p></div><div class="refsect1" lang="en"><a name="id272212"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     152        </p></div><div class="refsect1" lang="en"><a name="id300901"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba
     153        suite.</p></div><div class="refsect1" lang="en"><a name="id300912"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    154154        were created by Andrew Tridgell. Samba is now developed
    155155        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/pam_winbind.7.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>pam_winbind</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="pam_winbind.7"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pam_winbind &#8212; PAM module for Winbind</p></div><div class="refsect1" lang="en"><a name="id263105"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>pam_winbind</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="pam_winbind.7"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pam_winbind &#8212; PAM module for Winbind</p></div><div class="refsect1" lang="en"><a name="id291806"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>
    22        pam_winbind is a PAM module that can authenticate users against the local domain by talking to the Winbind daemon.
    3         </p></div><div class="refsect1" lang="en"><a name="id230771"></a><h2>OPTIONS</h2><p>
     3        </p></div><div class="refsect1" lang="en"><a name="id259300"></a><h2>OPTIONS</h2><p>
    44       
    55                pam_winbind supports several options which can either be set in
     
    5656
    5757
    58         </p></div><div class="refsect1" lang="en"><a name="id231473"></a><h2>SEE ALSO</h2><p><a href="wbinfo.1.html"><span class="citerefentry"><span class="refentrytitle">wbinfo</span>(1)</span></a>, <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a>, <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a></p></div><div class="refsect1" lang="en"><a name="id231508"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of Samba.</p></div><div class="refsect1" lang="en"><a name="id231517"></a><h2>AUTHOR</h2><p>
     58        </p></div><div class="refsect1" lang="en"><a name="id260355"></a><h2>SEE ALSO</h2><p><a href="wbinfo.1.html"><span class="citerefentry"><span class="refentrytitle">wbinfo</span>(1)</span></a>, <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a>, <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a></p></div><div class="refsect1" lang="en"><a name="id260390"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of Samba.</p></div><div class="refsect1" lang="en"><a name="id260399"></a><h2>AUTHOR</h2><p>
    5959        The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by
    6060        the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
  • trunk/samba/docs/htmldocs/manpages/pdbedit.8.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>pdbedit</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="pdbedit.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pdbedit &#8212; manage the SAM database (Database of Samba Users)</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pdbedit</code>  [-L] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-t, --password-from-stdin] [-m] [-r] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-g] [-d debuglevel] [-s configfile] [-P account-policy] [-C value] [-c account-control] [-y]</p></div></div><div class="refsect1" lang="en"><a name="id231471"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The pdbedit program is used to manage the users accounts
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>pdbedit</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="pdbedit.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>pdbedit &#8212; manage the SAM database (Database of Samba Users)</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">pdbedit</code>  [-L] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-t, --password-from-stdin] [-m] [-r] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-g] [-d debuglevel] [-s configfile] [-P account-policy] [-C value] [-c account-control] [-y]</p></div></div><div class="refsect1" lang="en"><a name="id259437"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The pdbedit program is used to manage the users accounts
    22        stored in the sam database and can only be run by root.</p><p>The pdbedit tool uses the passdb modular interface and is
    33        independent from the kind of users database used (currently there
     
    55        without changing the tool).</p><p>There are five main ways to use pdbedit: adding a user account,
    66        removing a user account, modifing a user account, listing user
    7         accounts, importing users accounts.</p></div><div class="refsect1" lang="en"><a name="id231503"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-L</span></dt><dd><p>This option lists all the user accounts
     7        accounts, importing users accounts.</p></div><div class="refsect1" lang="en"><a name="id260385"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-L</span></dt><dd><p>This option lists all the user accounts
    88                present in the users database.
    99                This option prints a list of user/uid pairs separated by
     
    7979</pre><p>
    8080</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>pdbedit does not call the unix password syncronisation
    81                                 script if <a class="indexterm" name="id271940"></a>unix password sync
     81                                script if <a class="indexterm" name="id300639"></a>unix password sync
    8282                                has been set. It only updates the data in the Samba
    8383                                user database.
     
    141141use only by developers and generate HUGE amounts of log
    142142data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    143 override the <a class="indexterm" name="id272324"></a> parameter
     143override the <a class="indexterm" name="id301024"></a> parameter
    144144in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    145145<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
    146146log.smbd, etc...). The log file is never removed by the client.
    147 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272358"></a><h2>NOTES</h2><p>This command may be used only by root.</p></div><div class="refsect1" lang="en"><a name="id272368"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
    148         the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id272379"></a><h2>SEE ALSO</h2><p><a href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a>, <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a></p></div><div class="refsect1" lang="en"><a name="id272402"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     147</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id301057"></a><h2>NOTES</h2><p>This command may be used only by root.</p></div><div class="refsect1" lang="en"><a name="id301067"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
     148        the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id301078"></a><h2>SEE ALSO</h2><p><a href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a>, <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a></p></div><div class="refsect1" lang="en"><a name="id301101"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    149149        were created by Andrew Tridgell. Samba is now developed
    150150        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/profiles.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>profiles</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="profiles.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>profiles &#8212; A utility to report and change SIDs in registry files
    2         </p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">profiles</code>  [-v] [-c SID] [-n SID] {file}</p></div></div><div class="refsect1" lang="en"><a name="id230792"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">profiles</strong></span> is a utility that
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>profiles</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="profiles.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>profiles &#8212; A utility to report and change SIDs in registry files
     2        </p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">profiles</code>  [-v] [-c SID] [-n SID] {file}</p></div></div><div class="refsect1" lang="en"><a name="id259321"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">profiles</strong></span> is a utility that
    33        reports and changes SIDs in windows registry files. It currently only
    44        supports NT.
    5         </p></div><div class="refsect1" lang="en"><a name="id231145"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">file</span></dt><dd><p>Registry file to view or edit.  </p></dd><dt><span class="term">-v,--verbose</span></dt><dd><p>Increases verbosity of messages.
     5        </p></div><div class="refsect1" lang="en"><a name="id259563"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">file</span></dt><dd><p>Registry file to view or edit.  </p></dd><dt><span class="term">-v,--verbose</span></dt><dd><p>Increases verbosity of messages.
    66                </p></dd><dt><span class="term">-c SID1 -n SID2</span></dt><dd><p>Change all occurences of SID1 in <code class="filename">file</code> by SID2.
    77                </p></dd><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
    8 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id231406"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba
    9         suite.</p></div><div class="refsect1" lang="en"><a name="id231415"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     8</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id259374"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba
     9        suite.</p></div><div class="refsect1" lang="en"><a name="id259384"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    1010        were created by Andrew Tridgell. Samba is now developed
    1111        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/rpcclient.1.html

    r26 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>rpcclient</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="rpcclient.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>rpcclient &#8212; tool for executing client side
    2         MS-RPC functions</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">rpcclient</code>  [-A authfile] [-c &lt;command string&gt;] [-d debuglevel] [-h] [-l logdir] [-N] [-s &lt;smb config file&gt;] [-U username[%password]] [-W workgroup] [-N] [-I destinationIP] {server}</p></div></div><div class="refsect1" lang="en"><a name="id231180"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">rpcclient</strong></span> is a utility initially developed
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>rpcclient</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="rpcclient.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>rpcclient &#8212; tool for executing client side
     2        MS-RPC functions</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">rpcclient</code>  [-A authfile] [-c &lt;command string&gt;] [-d debuglevel] [-h] [-l logdir] [-N] [-s &lt;smb config file&gt;] [-U username[%password]] [-W workgroup] [-N] [-I destinationIP] {server}</p></div></div><div class="refsect1" lang="en"><a name="id259598"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">rpcclient</strong></span> is a utility initially developed
    33        to test MS-RPC functionality in Samba itself.  It has undergone
    44        several stages of development and stability.  Many system administrators
    55        have now written scripts around it to manage Windows NT clients from
    6         their UNIX workstation. </p></div><div class="refsect1" lang="en"><a name="id231409"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">server</span></dt><dd><p>NetBIOS name of Server to which to connect.
     6        their UNIX workstation. </p></div><div class="refsect1" lang="en"><a name="id259376"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">server</span></dt><dd><p>NetBIOS name of Server to which to connect.
    77                The server can be  any SMB/CIFS server.  The name is
    8                 resolved using the <a class="indexterm" name="id231427"></a>name resolve order line from <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>.</p></dd><dt><span class="term">-c|--command='command string'</span></dt><dd><p>execute semicolon separated commands (listed
     8                resolved using the <a class="indexterm" name="id259394"></a>name resolve order line from <a href="smb.conf.5.html"><span class="citerefentry"><span class="refentrytitle">smb.conf</span>(5)</span></a>.</p></dd><dt><span class="term">-c|--command='command string'</span></dt><dd><p>execute semicolon separated commands (listed
    99                below)) </p></dd><dt><span class="term">-I IP-address</span></dt><dd><p><em class="replaceable"><code>IP address</code></em> is the address of the server to connect to.
    1010                It should be specified in standard "a.b.c.d" notation. </p><p>Normally the client would attempt to locate a named
     
    3636use only by developers and generate HUGE amounts of log
    3737data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    38 override the <a class="indexterm" name="id230492"></a> parameter
     38override the <a class="indexterm" name="id260427"></a> parameter
    3939in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    4040<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
     
    7373it in directly. </p></dd><dt><span class="term">-n &lt;primary NetBIOS name&gt;</span></dt><dd><p>This option allows you to override
    7474the NetBIOS name that Samba uses for itself. This is identical
    75 to setting the <a class="indexterm" name="id271744"></a> parameter in the <code class="filename">smb.conf</code> file.
     75to setting the <a class="indexterm" name="id300444"></a> parameter in the <code class="filename">smb.conf</code> file.
    7676However, a command
    7777line setting will take precedence over settings in
     
    9090the <code class="filename">smb.conf</code> manual page for the list of valid
    9191options. </p></dd><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
    92 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id271829"></a><h2>COMMANDS</h2><div class="refsect2" lang="en"><a name="id271835"></a><h3>LSARPC</h3><div class="variablelist"><dl><dt><span class="term">lsaquery</span></dt><dd><p>Query info policy</p></dd><dt><span class="term">lookupsids</span></dt><dd><p>Resolve a list
     92</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300529"></a><h2>COMMANDS</h2><div class="refsect2" lang="en"><a name="id300535"></a><h3>LSARPC</h3><div class="variablelist"><dl><dt><span class="term">lsaquery</span></dt><dd><p>Query info policy</p></dd><dt><span class="term">lookupsids</span></dt><dd><p>Resolve a list
    9393                of SIDs to usernames.
    9494                </p></dd><dt><span class="term">lookupnames</span></dt><dd><p>Resolve a list
    9595                of usernames to SIDs.
    96                 </p></dd><dt><span class="term">enumtrusts</span></dt><dd><p>Enumerate trusted domains</p></dd><dt><span class="term">enumprivs</span></dt><dd><p>Enumerate privileges</p></dd><dt><span class="term">getdispname</span></dt><dd><p>Get the privilege name</p></dd><dt><span class="term">lsaenumsid</span></dt><dd><p>Enumerate the LSA SIDS</p></dd><dt><span class="term">lsaenumprivsaccount</span></dt><dd><p>Enumerate the privileges of an SID</p></dd><dt><span class="term">lsaenumacctrights</span></dt><dd><p>Enumerate the rights of an SID</p></dd><dt><span class="term">lsaenumacctwithright</span></dt><dd><p>Enumerate accounts with a right</p></dd><dt><span class="term">lsaaddacctrights</span></dt><dd><p>Add rights to an account</p></dd><dt><span class="term">lsaremoveacctrights</span></dt><dd><p>Remove rights from an account</p></dd><dt><span class="term">lsalookupprivvalue</span></dt><dd><p>Get a privilege value given its name</p></dd><dt><span class="term">lsaquerysecobj</span></dt><dd><p>Query LSA security object</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id271959"></a><h3>LSARPC-DS</h3><div class="variablelist"><dl><dt><span class="term">dsroledominfo</span></dt><dd><p>Get Primary Domain Information</p></dd></dl></div><p> </p><p><span class="emphasis"><em>DFS</em></span></p><div class="variablelist"><dl><dt><span class="term">dfsexist</span></dt><dd><p>Query DFS support</p></dd><dt><span class="term">dfsadd</span></dt><dd><p>Add a DFS share</p></dd><dt><span class="term">dfsremove</span></dt><dd><p>Remove a DFS share</p></dd><dt><span class="term">dfsgetinfo</span></dt><dd><p>Query DFS share info</p></dd><dt><span class="term">dfsenum</span></dt><dd><p>Enumerate dfs shares</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272028"></a><h3>REG</h3><div class="variablelist"><dl><dt><span class="term">shutdown</span></dt><dd><p>Remote Shutdown</p></dd><dt><span class="term">abortshutdown</span></dt><dd><p>Abort Shutdown</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272053"></a><h3>SRVSVC</h3><div class="variablelist"><dl><dt><span class="term">srvinfo</span></dt><dd><p>Server query info</p></dd><dt><span class="term">netshareenum</span></dt><dd><p>Enumerate shares</p></dd><dt><span class="term">netfileenum</span></dt><dd><p>Enumerate open files</p></dd><dt><span class="term">netremotetod</span></dt><dd><p>Fetch remote time of day</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272095"></a><h3>SAMR</h3><div class="variablelist"><dl><dt><span class="term">queryuser</span></dt><dd><p>Query user info</p></dd><dt><span class="term">querygroup</span></dt><dd><p>Query group info</p></dd><dt><span class="term">queryusergroups</span></dt><dd><p>Query user groups</p></dd><dt><span class="term">querygroupmem</span></dt><dd><p>Query group membership</p></dd><dt><span class="term">queryaliasmem</span></dt><dd><p>Query alias membership</p></dd><dt><span class="term">querydispinfo</span></dt><dd><p>Query display info</p></dd><dt><span class="term">querydominfo</span></dt><dd><p>Query domain info</p></dd><dt><span class="term">enumdomusers</span></dt><dd><p>Enumerate domain users</p></dd><dt><span class="term">enumdomgroups</span></dt><dd><p>Enumerate domain groups</p></dd><dt><span class="term">enumalsgroups</span></dt><dd><p>Enumerate alias groups</p></dd><dt><span class="term">createdomuser</span></dt><dd><p>Create domain user</p></dd><dt><span class="term">samlookupnames</span></dt><dd><p>Look up names</p></dd><dt><span class="term">samlookuprids</span></dt><dd><p>Look up names</p></dd><dt><span class="term">deletedomuser</span></dt><dd><p>Delete domain user</p></dd><dt><span class="term">samquerysecobj</span></dt><dd><p>Query SAMR security object</p></dd><dt><span class="term">getdompwinfo</span></dt><dd><p>Retrieve domain password info</p></dd><dt><span class="term">lookupdomain</span></dt><dd><p>Look up domain</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272241"></a><h3>SPOOLSS</h3><div class="variablelist"><dl><dt><span class="term">adddriver &lt;arch&gt; &lt;config&gt; [&lt;version&gt;]</span></dt><dd><p>
     96                </p></dd><dt><span class="term">enumtrusts</span></dt><dd><p>Enumerate trusted domains</p></dd><dt><span class="term">enumprivs</span></dt><dd><p>Enumerate privileges</p></dd><dt><span class="term">getdispname</span></dt><dd><p>Get the privilege name</p></dd><dt><span class="term">lsaenumsid</span></dt><dd><p>Enumerate the LSA SIDS</p></dd><dt><span class="term">lsaenumprivsaccount</span></dt><dd><p>Enumerate the privileges of an SID</p></dd><dt><span class="term">lsaenumacctrights</span></dt><dd><p>Enumerate the rights of an SID</p></dd><dt><span class="term">lsaenumacctwithright</span></dt><dd><p>Enumerate accounts with a right</p></dd><dt><span class="term">lsaaddacctrights</span></dt><dd><p>Add rights to an account</p></dd><dt><span class="term">lsaremoveacctrights</span></dt><dd><p>Remove rights from an account</p></dd><dt><span class="term">lsalookupprivvalue</span></dt><dd><p>Get a privilege value given its name</p></dd><dt><span class="term">lsaquerysecobj</span></dt><dd><p>Query LSA security object</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id300659"></a><h3>LSARPC-DS</h3><div class="variablelist"><dl><dt><span class="term">dsroledominfo</span></dt><dd><p>Get Primary Domain Information</p></dd></dl></div><p> </p><p><span class="emphasis"><em>DFS</em></span></p><div class="variablelist"><dl><dt><span class="term">dfsexist</span></dt><dd><p>Query DFS support</p></dd><dt><span class="term">dfsadd</span></dt><dd><p>Add a DFS share</p></dd><dt><span class="term">dfsremove</span></dt><dd><p>Remove a DFS share</p></dd><dt><span class="term">dfsgetinfo</span></dt><dd><p>Query DFS share info</p></dd><dt><span class="term">dfsenum</span></dt><dd><p>Enumerate dfs shares</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id300728"></a><h3>REG</h3><div class="variablelist"><dl><dt><span class="term">shutdown</span></dt><dd><p>Remote Shutdown</p></dd><dt><span class="term">abortshutdown</span></dt><dd><p>Abort Shutdown</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id300753"></a><h3>SRVSVC</h3><div class="variablelist"><dl><dt><span class="term">srvinfo</span></dt><dd><p>Server query info</p></dd><dt><span class="term">netshareenum</span></dt><dd><p>Enumerate shares</p></dd><dt><span class="term">netfileenum</span></dt><dd><p>Enumerate open files</p></dd><dt><span class="term">netremotetod</span></dt><dd><p>Fetch remote time of day</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id300795"></a><h3>SAMR</h3><div class="variablelist"><dl><dt><span class="term">queryuser</span></dt><dd><p>Query user info</p></dd><dt><span class="term">querygroup</span></dt><dd><p>Query group info</p></dd><dt><span class="term">queryusergroups</span></dt><dd><p>Query user groups</p></dd><dt><span class="term">querygroupmem</span></dt><dd><p>Query group membership</p></dd><dt><span class="term">queryaliasmem</span></dt><dd><p>Query alias membership</p></dd><dt><span class="term">querydispinfo</span></dt><dd><p>Query display info</p></dd><dt><span class="term">querydominfo</span></dt><dd><p>Query domain info</p></dd><dt><span class="term">enumdomusers</span></dt><dd><p>Enumerate domain users</p></dd><dt><span class="term">enumdomgroups</span></dt><dd><p>Enumerate domain groups</p></dd><dt><span class="term">enumalsgroups</span></dt><dd><p>Enumerate alias groups</p></dd><dt><span class="term">createdomuser</span></dt><dd><p>Create domain user</p></dd><dt><span class="term">samlookupnames</span></dt><dd><p>Look up names</p></dd><dt><span class="term">samlookuprids</span></dt><dd><p>Look up names</p></dd><dt><span class="term">deletedomuser</span></dt><dd><p>Delete domain user</p></dd><dt><span class="term">samquerysecobj</span></dt><dd><p>Query SAMR security object</p></dd><dt><span class="term">getdompwinfo</span></dt><dd><p>Retrieve domain password info</p></dd><dt><span class="term">lookupdomain</span></dt><dd><p>Look up domain</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id300941"></a><h3>SPOOLSS</h3><div class="variablelist"><dl><dt><span class="term">adddriver &lt;arch&gt; &lt;config&gt; [&lt;version&gt;]</span></dt><dd><p>
    9797                Execute an AddPrinterDriver() RPC to install the printer driver
    9898                information on the server.  Note that the driver files should
     
    179179                <span><strong class="command">enumdrivers</strong></span> commands for obtaining a list of
    180180                of installed printers and drivers.</p></dd><dt><span class="term">addform</span></dt><dd><p>Add form</p></dd><dt><span class="term">setform</span></dt><dd><p>Set form</p></dd><dt><span class="term">getform</span></dt><dd><p>Get form</p></dd><dt><span class="term">deleteform</span></dt><dd><p>Delete form</p></dd><dt><span class="term">enumforms</span></dt><dd><p>Enumerate form</p></dd><dt><span class="term">setprinter</span></dt><dd><p>Set printer comment</p></dd><dt><span class="term">setprinterdata</span></dt><dd><p>Set REG_SZ printer data</p></dd><dt><span class="term">setprintername &lt;printername&gt;
    181                 &lt;newprintername&gt;</span></dt><dd><p>Set printer name</p></dd><dt><span class="term">rffpcnex</span></dt><dd><p>Rffpcnex test</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272617"></a><h3>NETLOGON</h3><div class="variablelist"><dl><dt><span class="term">logonctrl2</span></dt><dd><p>Logon Control 2</p></dd><dt><span class="term">logonctrl</span></dt><dd><p>Logon Control</p></dd><dt><span class="term">samsync</span></dt><dd><p>Sam Synchronisation</p></dd><dt><span class="term">samdeltas</span></dt><dd><p>Query Sam Deltas</p></dd><dt><span class="term">samlogon</span></dt><dd><p>Sam Logon</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id272677"></a><h3>GENERAL COMMANDS</h3><div class="variablelist"><dl><dt><span class="term">debuglevel</span></dt><dd><p>Set the current
     181                &lt;newprintername&gt;</span></dt><dd><p>Set printer name</p></dd><dt><span class="term">rffpcnex</span></dt><dd><p>Rffpcnex test</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id301317"></a><h3>NETLOGON</h3><div class="variablelist"><dl><dt><span class="term">logonctrl2</span></dt><dd><p>Logon Control 2</p></dd><dt><span class="term">logonctrl</span></dt><dd><p>Logon Control</p></dd><dt><span class="term">samsync</span></dt><dd><p>Sam Synchronisation</p></dd><dt><span class="term">samdeltas</span></dt><dd><p>Query Sam Deltas</p></dd><dt><span class="term">samlogon</span></dt><dd><p>Sam Logon</p></dd></dl></div></div><div class="refsect2" lang="en"><a name="id301377"></a><h3>GENERAL COMMANDS</h3><div class="variablelist"><dl><dt><span class="term">debuglevel</span></dt><dd><p>Set the current
    182182                debug level used to log information.</p></dd><dt><span class="term">help (?)</span></dt><dd><p>Print a listing of all
    183183                known commands or extended help  on a particular command.
    184184                </p></dd><dt><span class="term">quit (exit)</span></dt><dd><p>Exit <span><strong class="command">rpcclient
    185                 </strong></span>.</p></dd></dl></div></div></div><div class="refsect1" lang="en"><a name="id272719"></a><h2>BUGS</h2><p><span><strong class="command">rpcclient</strong></span> is designed as a developer testing tool
     185                </strong></span>.</p></dd></dl></div></div></div><div class="refsect1" lang="en"><a name="id301419"></a><h2>BUGS</h2><p><span><strong class="command">rpcclient</strong></span> is designed as a developer testing tool
    186186        and may not be robust in certain areas (such as command line parsing). 
    187187        It has been known to  generate a core dump upon failures when invalid
     
    196196        the developers are sending reports to Microsoft,  and problems found
    197197        or reported to Microsoft are fixed in Service Packs,  which may
    198         result in incompatibilities.</p></div><div class="refsect1" lang="en"><a name="id272770"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba
    199         suite.</p></div><div class="refsect1" lang="en"><a name="id272781"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     198        result in incompatibilities.</p></div><div class="refsect1" lang="en"><a name="id301470"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba
     199        suite.</p></div><div class="refsect1" lang="en"><a name="id301481"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    200200        were created by Andrew Tridgell. Samba is now developed
    201201        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/samba.7.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>samba</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="samba.7"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>samba &#8212; A Windows SMB/CIFS fileserver for UNIX</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">samba</code> </p></div></div><div class="refsect1" lang="en"><a name="id263116"></a><h2>DESCRIPTION</h2><p>The Samba software suite is a collection of programs
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>samba</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="samba.7"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>samba &#8212; A Windows SMB/CIFS fileserver for UNIX</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">samba</code> </p></div></div><div class="refsect1" lang="en"><a name="id291817"></a><h2>DESCRIPTION</h2><p>The Samba software suite is a collection of programs
    22        that implements the Server Message Block (commonly abbreviated
    33        as SMB) protocol for UNIX systems. This protocol is sometimes
     
    6464                mount CIFS/SMB shares on Linux.
    6565                </p></dd><dt><span class="term"><a href="smbcquotas.1.html"><span class="citerefentry"><span class="refentrytitle">smbcquotas</span>(1)</span></a></span></dt><dd><p><span><strong class="command">smbcquotas</strong></span> is a tool that
    66                 can set remote QUOTA's on server with NTFS 5. </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272028"></a><h2>COMPONENTS</h2><p>The Samba suite is made up of several components. Each
     66                can set remote QUOTA's on server with NTFS 5. </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300727"></a><h2>COMPONENTS</h2><p>The Samba suite is made up of several components. Each
    6767        component is described in a separate manual page. It is strongly
    6868        recommended that you read the documentation that comes with Samba
     
    7373        <a href="http://samba.org/" target="_top">http://www.samba.org/</a> and
    7474        explore the many option available to you.
    75         </p></div><div class="refsect1" lang="en"><a name="id272057"></a><h2>AVAILABILITY</h2><p>The Samba software suite is licensed under the
     75        </p></div><div class="refsect1" lang="en"><a name="id300756"></a><h2>AVAILABILITY</h2><p>The Samba software suite is licensed under the
    7676        GNU Public License(GPL). A copy of that license should
    7777        have come with the package in the file COPYING. You are
     
    8787        or Konqueror) then you will also find lots of useful information,
    8888        including back issues of the Samba mailing list, at
    89         <a href="http://lists.samba.org/" target="_top">http://lists.samba.org</a>.</p></div><div class="refsect1" lang="en"><a name="id272095"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the
    90         Samba suite. </p></div><div class="refsect1" lang="en"><a name="id272105"></a><h2>CONTRIBUTIONS</h2><p>If you wish to contribute to the Samba project,
     89        <a href="http://lists.samba.org/" target="_top">http://lists.samba.org</a>.</p></div><div class="refsect1" lang="en"><a name="id300794"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the
     90        Samba suite. </p></div><div class="refsect1" lang="en"><a name="id300805"></a><h2>CONTRIBUTIONS</h2><p>If you wish to contribute to the Samba project,
    9191        then I suggest you join the Samba mailing list at
    9292        <a href="http://lists.samba.org/" target="_top">http://lists.samba.org</a>.
     
    9494        <a href="http://devel.samba.org/" target="_top">http://devel.samba.org/</a>
    9595        for information on how to do it properly. We prefer patches
    96         in <span><strong class="command">diff -u</strong></span> format.</p></div><div class="refsect1" lang="en"><a name="id272138"></a><h2>CONTRIBUTORS</h2><p>Contributors to the project are now too numerous
     96        in <span><strong class="command">diff -u</strong></span> format.</p></div><div class="refsect1" lang="en"><a name="id300837"></a><h2>CONTRIBUTORS</h2><p>Contributors to the project are now too numerous
    9797        to mention here but all deserve the thanks of all Samba
    9898        users. To see a full list, look at the
     
    102102        for the contributors to Samba post-CVS. CVS is the Open Source
    103103        source code control system used by the Samba Team to develop
    104         Samba. The project would have been unmanageable without it.</p></div><div class="refsect1" lang="en"><a name="id272163"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     104        Samba. The project would have been unmanageable without it.</p></div><div class="refsect1" lang="en"><a name="id300862"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    105105        were created by Andrew Tridgell. Samba is now developed
    106106        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/smb.conf.5.html

    r30 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smb.conf</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smb.conf.5"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smb.conf &#8212; The configuration file for the Samba suite</p></div><div class="refsect1" lang="en"><a name="id263106"></a><h2>SYNOPSIS</h2><p>
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smb.conf</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smb.conf.5"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smb.conf &#8212; The configuration file for the Samba suite</p></div><div class="refsect1" lang="en"><a name="id291806"></a><h2>SYNOPSIS</h2><p>
    22        The <code class="filename">smb.conf</code> file is a configuration  file for the Samba suite. <code class="filename">smb.conf</code> contains  runtime configuration information for the Samba programs. The
    33         <code class="filename">smb.conf</code> file is designed to be configured and administered by the
     
    2727        which may be given as yes/no, 0/1 or true/false. Case is not significant in boolean values, but is preserved
    2828        in string values. Some items such as create masks are numeric.
    29         </p></div><div class="refsect1" lang="en"><a name="id231177"></a><h2>SECTION DESCRIPTIONS</h2><p>
     29        </p></div><div class="refsect1" lang="en"><a name="id259593"></a><h2>SECTION DESCRIPTIONS</h2><p>
    3030        Each section in the configuration file (except for the [global] section) describes a shared resource (known as
    3131        a &#8220;<span class="quote">share</span>&#8221;). The section name is the name of the shared resource and the parameters within the
     
    5656</p><pre class="programlisting">
    5757        <em class="parameter"><code>[foo]</code></em>
    58         <a class="indexterm" name="id231463"></a>path = /home/bar
    59         <a class="indexterm" name="id231470"></a>read only = no
     58        <a class="indexterm" name="id259430"></a>path = /home/bar
     59        <a class="indexterm" name="id259437"></a>read only = no
    6060</pre><p>
    6161        </p><p>
     
    6565</p><pre class="programlisting">
    6666        <em class="parameter"><code>[aprinter]</code></em>
    67         <a class="indexterm" name="id231497"></a>path = /usr/spool/public
    68         <a class="indexterm" name="id231504"></a>read only = yes
    69         <a class="indexterm" name="id231512"></a>printable = yes
    70         <a class="indexterm" name="id231519"></a>guest ok = yes
     67        <a class="indexterm" name="id260380"></a>path = /usr/spool/public
     68        <a class="indexterm" name="id260387"></a>read only = yes
     69        <a class="indexterm" name="id260394"></a>printable = yes
     70        <a class="indexterm" name="id260401"></a>guest ok = yes
    7171</pre><p>
    72         </p></div><div class="refsect1" lang="en"><a name="id231529"></a><h2>SPECIAL SECTIONS</h2><div class="refsect2" lang="en"><a name="id231534"></a><h3>The [global] section</h3><p>
     72        </p></div><div class="refsect1" lang="en"><a name="id260411"></a><h2>SPECIAL SECTIONS</h2><div class="refsect2" lang="en"><a name="id260417"></a><h3>The [global] section</h3><p>
    7373                Parameters in this section apply to the server as a whole, or are defaults for sections that do not
    7474                specifically define certain items. See the notes under PARAMETERS for more information.
     
    106106</p><pre class="programlisting">
    107107<em class="parameter"><code>[homes]</code></em>
    108 <a class="indexterm" name="id230577"></a>read only = no
     108<a class="indexterm" name="id260154"></a>read only = no
    109109</pre><p>
    110110                </p><p>
     
    138138</p><pre class="programlisting">
    139139<em class="parameter"><code>[printers]</code></em>
    140 <a class="indexterm" name="id271778"></a>path = /usr/spool/public
    141 <a class="indexterm" name="id271785"></a>guest ok = yes
    142 <a class="indexterm" name="id271792"></a>printable = yes
     140<a class="indexterm" name="id300477"></a>path = /usr/spool/public
     141<a class="indexterm" name="id300484"></a>guest ok = yes
     142<a class="indexterm" name="id300492"></a>printable = yes
    143143</pre><p>
    144144                </p><p>
     
    161161                <code class="literal">printcap name = lpstat</code> to automatically obtain a list of printers. See the
    162162                <code class="literal">printcap name</code> option for more details.
    163                 </p></div></div></div><div class="refsect1" lang="en"><a name="id271850"></a><h2>USERSHARES</h2><p>Starting with Samba version 3.0.23 the capability for non-root users to add, modify, and delete
     163                </p></div></div></div><div class="refsect1" lang="en"><a name="id300549"></a><h2>USERSHARES</h2><p>Starting with Samba version 3.0.23 the capability for non-root users to add, modify, and delete
    164164        their own share definitions has been added. This capability is called <span class="emphasis"><em>usershares</em></span> and
    165165        is controlled by a set of parameters in the [global] section of the smb.conf.
     
    179179
    180180</p><pre class="programlisting">
    181         <a class="indexterm" name="id271980"></a>usershare path = /usr/local/samba/lib/usershares
    182         <a class="indexterm" name="id271987"></a>usershare max shares = 10 # (or the desired number of shares)
     181        <a class="indexterm" name="id300679"></a>usershare path = /usr/local/samba/lib/usershares
     182        <a class="indexterm" name="id300686"></a>usershare max shares = 10 # (or the desired number of shares)
    183183</pre><p>
    184184
    185185        to the global
    186186        section of your <code class="filename">smb.conf</code>. Members of the group foo may then manipulate the user defined shares
    187         using the following commands.</p><div class="variablelist"><dl><dt><span class="term">net usershare add sharename path [comment] [acl] [guest_ok=[y|n]]</span></dt><dd><p>To create or modify (overwrite) a user defined share.</p></dd><dt><span class="term">net usershare delete sharename</span></dt><dd><p>To delete a user defined share.</p></dd><dt><span class="term">net usershare list wildcard-sharename</span></dt><dd><p>To list user defined shares.</p></dd><dt><span class="term">net usershare info wildcard-sharename</span></dt><dd><p>To print information about user defined shares.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272054"></a><h2>PARAMETERS</h2><p>Parameters define the specific attributes of sections.</p><p>
     187        using the following commands.</p><div class="variablelist"><dl><dt><span class="term">net usershare add sharename path [comment] [acl] [guest_ok=[y|n]]</span></dt><dd><p>To create or modify (overwrite) a user defined share.</p></dd><dt><span class="term">net usershare delete sharename</span></dt><dd><p>To delete a user defined share.</p></dd><dt><span class="term">net usershare list wildcard-sharename</span></dt><dd><p>To list user defined shares.</p></dd><dt><span class="term">net usershare info wildcard-sharename</span></dt><dd><p>To print information about user defined shares.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300754"></a><h2>PARAMETERS</h2><p>Parameters define the specific attributes of sections.</p><p>
    188188        Some parameters are specific to the [global] section (e.g., <span class="emphasis"><em>security</em></span>).  Some parameters
    189189        are usable in all sections (e.g., <span class="emphasis"><em>create mask</em></span>). All others are permissible only in normal
     
    197197        find them! Where there are synonyms, the preferred synonym is described, others refer to the preferred
    198198        synonym.
    199         </p></div><div class="refsect1" lang="en"><a name="id272095"></a><h2>VARIABLE SUBSTITUTIONS</h2><p>
     199        </p></div><div class="refsect1" lang="en"><a name="id300795"></a><h2>VARIABLE SUBSTITUTIONS</h2><p>
    200200        Many of the strings that are settable in the config file can take substitutions. For example the option
    201201        &#8220;<span class="quote">path = /tmp/%u</span>&#8221; is interpreted as &#8220;<span class="quote">path = /tmp/john</span>&#8221; if the user connected with the
     
    254254                controls what the default case is for new filenames (ie. files that don't currently exist in the filesystem).
    255255                Default <span class="emphasis"><em>lower</em></span>.  IMPORTANT NOTE: This option will be used to modify the case of
    256                 <span class="emphasis"><em>all</em></span> incoming client filenames, not just new filenames if the options <a class="indexterm" name="id272536"></a>case sensitive = yes, <a class="indexterm" name="id272543"></a>preserve case = No,
    257                 <a class="indexterm" name="id272550"></a>short preserve case = No are set.  This change is needed as part of the
     256                <span class="emphasis"><em>all</em></span> incoming client filenames, not just new filenames if the options <a class="indexterm" name="id301235"></a>case sensitive = yes, <a class="indexterm" name="id301242"></a>preserve case = No,
     257                <a class="indexterm" name="id301249"></a>short preserve case = No are set.  This change is needed as part of the
    258258                optimisations for directories containing large numbers of files.
    259259                </p></dd><dt><span class="term">preserve case = yes/no</span></dt><dd><p>
     
    301301                If the service is a guest service, a connection is made as the username given in the <code class="literal">guest account
    302302                =</code> for the service, irrespective of the supplied password.
    303                 </p></li></ol></div></div><div class="refsect1" lang="en"><a name="id272744"></a><h2>EXPLANATION OF EACH PARAMETER</h2><div class="variablelist"><dl><dt><span class="term"><a name="ABORTSHUTDOWNSCRIPT"></a>abort shutdown script (G)</span></dt><dd><p>This a full path name to a script called by <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that
    304         should stop a shutdown procedure issued by the <a class="indexterm" name="id272784"></a>shutdown script.</p><p>If the connected user posseses the <code class="constant">SeRemoteShutdownPrivilege</code>,
     303                </p></li></ol></div></div><div class="refsect1" lang="en"><a name="id301444"></a><h2>EXPLANATION OF EACH PARAMETER</h2><div class="variablelist"><dl><dt><span class="term"><a name="ABORTSHUTDOWNSCRIPT"></a>abort shutdown script (G)</span></dt><dd><p>This a full path name to a script called by <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> that
     304        should stop a shutdown procedure issued by the <a class="indexterm" name="id301484"></a>shutdown script.</p><p>If the connected user posseses the <code class="constant">SeRemoteShutdownPrivilege</code>,
    305305        right, this command will be run as user.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>abort shutdown script</code></em> = ""
    306306</em></span>
     
    352352        control the permissions on a file or directory they have group ownership on.
    353353        </p><p>
    354         This parameter is best used with the <a class="indexterm" name="id272985"></a>inherit owner option and also
     354        This parameter is best used with the <a class="indexterm" name="id301685"></a>inherit owner option and also
    355355        on on a share containing directories with the UNIX <span class="emphasis"><em>setgid bit</em></span> bit set
    356356        on them, which causes new files and directories created within it to inherit the group
     
    384384        added to Samba's domain and a Unix account matching the machine's name appended with a "$" does not
    385385        already exist.
    386         </p><p>This option is very similar to the <a class="indexterm" name="id273163"></a>add user script, and likewise uses the %u
     386        </p><p>This option is very similar to the <a class="indexterm" name="id301862"></a>add user script, and likewise uses the %u
    387387        substitution for the account name.  Do not use the %m
    388388        substitution.  </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>add machine script</code></em> =
     
    454454                        </p></li></ul></div><p>
    455455        This parameter is only used for add file shares.  To add printer shares,
    456         see the <a class="indexterm" name="id273574"></a>addprinter command.
     456        see the <a class="indexterm" name="id302273"></a>addprinter command.
    457457        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>add share command</code></em> =
    458458</em></span>
     
    471471        </p><p>
    472472        In order to use this option, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> must <span class="emphasis"><em>NOT</em></span> be set to
    473         <a class="indexterm" name="id229350"></a>security = share and <a class="indexterm" name="id229357"></a>add user script
     473        <a class="indexterm" name="id258179"></a>security = share and <a class="indexterm" name="id258186"></a>add user script
    474474        must be set to a full pathname for a script that will create a UNIX user given one argument of
    475475        <em class="parameter"><code>%u</code></em>, which expands into the UNIX user name to create.
    476476        </p><p>
    477477        When the Windows user attempts to access the Samba server, at login (session setup in
    478         the SMB protocol) time, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> contacts the <a class="indexterm" name="id229383"></a>password server
     478        the SMB protocol) time, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> contacts the <a class="indexterm" name="id258212"></a>password server
    479479        and attempts to authenticate the given user with the given password. If the authentication
    480480        succeeds then <span><strong class="command">smbd</strong></span> attempts to find a UNIX user in the UNIX
    481481        password database to map the Windows user into. If this lookup fails, and
    482         <a class="indexterm" name="id229398"></a>add user script is set then <span><strong class="command">smbd</strong></span> will
     482        <a class="indexterm" name="id258227"></a>add user script is set then <span><strong class="command">smbd</strong></span> will
    483483        call the specified script <span class="emphasis"><em>AS ROOT</em></span>, expanding any
    484484        <em class="parameter"><code>%u</code></em> argument to be the user name to create.
     
    488488        match existing Windows NT accounts.
    489489        </p><p>
    490         See also <a class="indexterm" name="id273817"></a>security, <a class="indexterm" name="id273824"></a>password server,
    491         <a class="indexterm" name="id273831"></a>delete user script.
     490        See also <a class="indexterm" name="id302516"></a>security, <a class="indexterm" name="id302523"></a>password server,
     491        <a class="indexterm" name="id302530"></a>delete user script.
    492492        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>add user script</code></em> =
    493493</em></span>
     
    510510    will do all file operations as the super-user (root).</p><p>You should use this option very carefully, as any user in
    511511    this list will be able to do anything they like on the share,
    512     irrespective of file permissions.</p><p>This parameter will not work with the <a class="indexterm" name="id273971"></a>security = share in
     512    irrespective of file permissions.</p><p>This parameter will not work with the <a class="indexterm" name="id302671"></a>security = share in
    513513    Samba 3.0.  This is by design.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>admin users</code></em> =
    514514</em></span>
     
    560560</em></span>
    561561</p></dd><dt><span class="term"><a name="ALLOWTRUSTEDDOMAINS"></a>allow trusted domains (G)</span></dt><dd><p>
    562     This option only takes effect when the <a class="indexterm" name="id274224"></a>security option is set to
     562    This option only takes effect when the <a class="indexterm" name="id302924"></a>security option is set to
    563563    <code class="constant">server</code>, <code class="constant">domain</code> or <code class="constant">ads</code>. 
    564564    If it is set to no, then attempts to connect to a resource from
     
    595595</p></dd><dt><span class="term"><a name="AUTHMETHODS"></a>auth methods (G)</span></dt><dd><p>
    596596    This option allows the administrator to chose what authentication methods <span><strong class="command">smbd</strong></span>
    597     will use when authenticating a user. This option defaults to sensible values based on <a class="indexterm" name="id274394"></a>security. 
     597    will use when authenticating a user. This option defaults to sensible values based on <a class="indexterm" name="id303094"></a>security. 
    598598    This should be considered a developer option and used only in rare circumstances.  In the majority (if not all)
    599599    of production servers, the default setting should be adequate.
     
    623623        affects file service <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> and name service <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> in a slightly different ways.</p><p>
    624624        For name service it causes <span><strong class="command">nmbd</strong></span> to bind to ports 137 and 138 on the
    625         interfaces listed in the <a class="indexterm" name="id274548"></a>interfaces parameter. <span><strong class="command">nmbd</strong></span>
     625        interfaces listed in the <a class="indexterm" name="id303248"></a>interfaces parameter. <span><strong class="command">nmbd</strong></span>
    626626        also binds to the "all addresses" interface (0.0.0.0) on ports 137 and 138 for the purposes of
    627627        reading broadcast messages.  If this option is not set then <span><strong class="command">nmbd</strong></span> will
    628         service name requests on all of these sockets. If <a class="indexterm" name="id274569"></a>bind interfaces only is set then
     628        service name requests on all of these sockets. If <a class="indexterm" name="id303269"></a>bind interfaces only is set then
    629629         <span><strong class="command">nmbd</strong></span> will check the source address of any packets coming in on the
    630630        broadcast sockets and discard any that don't match the broadcast addresses of the interfaces in the
    631         <a class="indexterm" name="id274584"></a>interfaces parameter list.  As unicast packets are received on the other sockets it
     631        <a class="indexterm" name="id303283"></a>interfaces parameter list.  As unicast packets are received on the other sockets it
    632632        allows <span><strong class="command">nmbd</strong></span> to refuse to serve names to machines that send packets that
    633         arrive through any interfaces not listed in the <a class="indexterm" name="id274598"></a>interfaces list.  IP Source address
     633        arrive through any interfaces not listed in the <a class="indexterm" name="id303298"></a>interfaces list.  IP Source address
    634634        spoofing does defeat this simple check, however, so it must not be used seriously as a security feature for
    635635         <span><strong class="command">nmbd</strong></span>.
    636636        </p><p>
    637         For file service it causes <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> to bind only to the interface list given in the <a class="indexterm" name="id274624"></a>interfaces parameter. This restricts the networks that <span><strong class="command">smbd</strong></span> will
     637        For file service it causes <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> to bind only to the interface list given in the <a class="indexterm" name="id303323"></a>interfaces parameter. This restricts the networks that <span><strong class="command">smbd</strong></span> will
    638638        serve to packets coming in those interfaces.  Note that you should not use this parameter for machines that
    639639        are serving PPP or other intermittent or non-broadcast network interfaces as it will not cope with
    640640        non-permanent interfaces.
    641641        </p><p>
    642         If <a class="indexterm" name="id274642"></a>bind interfaces only is set then unless the network address
    643          <span class="emphasis"><em>127.0.0.1</em></span> is added to the <a class="indexterm" name="id274654"></a>interfaces parameter list
     642        If <a class="indexterm" name="id303342"></a>bind interfaces only is set then unless the network address
     643         <span class="emphasis"><em>127.0.0.1</em></span> is added to the <a class="indexterm" name="id303353"></a>interfaces parameter list
    644644         <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a> and
    645645         <a href="swat.8.html"><span class="citerefentry"><span class="refentrytitle">swat</span>(8)</span></a> may not work as
     
    648648        To change a users SMB password, the <span><strong class="command">smbpasswd</strong></span> by default connects to the
    649649         <span class="emphasis"><em>localhost - 127.0.0.1</em></span> address as an SMB client to issue the password change request. If
    650         <a class="indexterm" name="id274691"></a>bind interfaces only is set then unless the network address
    651          <span class="emphasis"><em>127.0.0.1</em></span> is added to the <a class="indexterm" name="id274702"></a>interfaces parameter list then <span><strong class="command"> smbpasswd</strong></span> will fail to connect in it's default mode.  <span><strong class="command">smbpasswd</strong></span> can be forced to use the primary IP interface of the local host by using
     650        <a class="indexterm" name="id303391"></a>bind interfaces only is set then unless the network address
     651         <span class="emphasis"><em>127.0.0.1</em></span> is added to the <a class="indexterm" name="id303402"></a>interfaces parameter list then <span><strong class="command"> smbpasswd</strong></span> will fail to connect in it's default mode.  <span><strong class="command">smbpasswd</strong></span> can be forced to use the primary IP interface of the local host by using
    652652        its <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>    <em class="parameter"><code>-r <em class="replaceable"><code>remote machine</code></em></code></em> parameter, with <em class="replaceable"><code>remote
    653653        machine</code></em> set to the IP name of the primary interface of the local host.
     
    693693        this.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>browse list</code></em> = yes
    694694</em></span>
    695 </p></dd><dt><span class="term"><a name="CASESIGNAMES"></a>casesignames</span></dt><dd><p>This parameter is a synonym for case sensitive.</p></dd><dt><span class="term"><a name="CASESENSITIVE"></a>case sensitive (S)</span></dt><dd><p>See the discussion in the section <a class="indexterm" name="id275081"></a>name mangling.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>case sensitive</code></em> = no
     695</p></dd><dt><span class="term"><a name="CASESIGNAMES"></a>casesignames</span></dt><dd><p>This parameter is a synonym for case sensitive.</p></dd><dt><span class="term"><a name="CASESENSITIVE"></a>case sensitive (S)</span></dt><dd><p>See the discussion in the section <a class="indexterm" name="id303781"></a>name mangling.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>case sensitive</code></em> = no
    696696</em></span>
    697697</p></dd><dt><span class="term"><a name="CHANGENOTIFY"></a>change notify (S)</span></dt><dd><p>This parameter specifies whether Samba should reply
     
    768768</p></dd><dt><span class="term"><a name="CLIENTSCHANNEL"></a>client schannel (G)</span></dt><dd><p>
    769769    This controls whether the client offers or even demands the use of the netlogon schannel.
    770     <a class="indexterm" name="id275554"></a>client schannel = no does not offer the schannel,
    771     <a class="indexterm" name="id275561"></a>client schannel = auto offers the schannel but does not
    772     enforce it, and <a class="indexterm" name="id275569"></a>client schannel = yes denies access
     770    <a class="indexterm" name="id304254"></a>client schannel = no does not offer the schannel,
     771    <a class="indexterm" name="id304261"></a>client schannel = auto offers the schannel but does not
     772    enforce it, and <a class="indexterm" name="id304268"></a>client schannel = yes denies access
    773773    if the server is not able to speak netlogon schannel.
    774774    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>client schannel</code></em> = auto
     
    794794        neighborhood or via <span><strong class="command">net view</strong></span> to list what shares
    795795        are available.</p><p>If you want to set the string that is displayed next to the
    796                 machine name then see the <a class="indexterm" name="id275717"></a>server string parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>comment</code></em> =
     796                machine name then see the <a class="indexterm" name="id304416"></a>server string parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>comment</code></em> =
    797797# No comment
    798798</em></span>
     
    829829        </p><p>
    830830        Following this Samba will bit-wise 'OR' the UNIX mode created from this parameter with the value of the
    831         <a class="indexterm" name="id275925"></a>force create mode parameter which is set to 000 by default.
    832         </p><p>
    833         This parameter does not affect directory masks. See the parameter <a class="indexterm" name="id275936"></a>directory mask
     831        <a class="indexterm" name="id304624"></a>force create mode parameter which is set to 000 by default.
     832        </p><p>
     833        This parameter does not affect directory masks. See the parameter <a class="indexterm" name="id304636"></a>directory mask
    834834        for details.
    835835        </p><p>
    836836        Note that this parameter does not apply to permissions set by Windows NT/2000 ACL editors. If the
    837         administrator wishes to enforce a mask on access control lists also, they need to set the <a class="indexterm" name="id275948"></a>security mask.
     837        administrator wishes to enforce a mask on access control lists also, they need to set the <a class="indexterm" name="id304648"></a>security mask.
    838838        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>create mask</code></em> = 0744
    839839</em></span>
     
    847847        </p><p>
    848848        For example, shares containing roaming profiles can have offline caching disabled using
    849         <a class="indexterm" name="id276013"></a>csc policy = disable.
     849        <a class="indexterm" name="id304713"></a>csc policy = disable.
    850850        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>csc policy</code></em> = manual
    851851</em></span>
     
    853853</em></span>
    854854</p></dd><dt><span class="term"><a name="CUPSOPTIONS"></a>cups options (S)</span></dt><dd><p>
    855     This parameter is only applicable if <a class="indexterm" name="id276066"></a>printing is
     855    This parameter is only applicable if <a class="indexterm" name="id304765"></a>printing is
    856856    set to <code class="constant">cups</code>.  Its value is a free form string of options
    857857    passed directly to the cups library. 
     
    872872</em></span>
    873873</p></dd><dt><span class="term"><a name="CUPSSERVER"></a>cups server (G)</span></dt><dd><p>
    874     This parameter is only applicable if <a class="indexterm" name="id276149"></a>printing is set to <code class="constant">cups</code>.
     874    This parameter is only applicable if <a class="indexterm" name="id304848"></a>printing is set to <code class="constant">cups</code>.
    875875    </p><p>
    876876   If set, this option overrides the ServerName option in the CUPS <code class="filename">client.conf</code>. This is
     
    901901    boolean parameter adds microsecond resolution to the timestamp  message header when turned on.
    902902    </p><p>
    903     Note that the parameter <a class="indexterm" name="id276299"></a>debug timestamp must be on for this to have an effect.
     903    Note that the parameter <a class="indexterm" name="id304999"></a>debug timestamp must be on for this to have an effect.
    904904    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug hires timestamp</code></em> = no
    905905</em></span>
     
    909909    logfile when turned on.
    910910    </p><p>
    911     Note that the parameter <a class="indexterm" name="id276352"></a>debug timestamp must be on for this to have an effect.
     911    Note that the parameter <a class="indexterm" name="id305052"></a>debug timestamp must be on for this to have an effect.
    912912    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug pid</code></em> = no
    913913</em></span>
    914914</p></dd><dt><span class="term"><a name="DEBUGPREFIXTIMESTAMP"></a>debug prefix timestamp (G)</span></dt><dd><p>
    915915    With this option enabled, the timestamp message header is prefixed to the debug message without the
    916     filename and function information that is included with the <a class="indexterm" name="id276395"></a>debug timestamp
     916    filename and function information that is included with the <a class="indexterm" name="id305095"></a>debug timestamp
    917917    parameter. This gives timestamps to the messages without adding an additional line.
    918918    </p><p>
    919     Note that this parameter overrides the <a class="indexterm" name="id276406"></a>debug timestamp parameter.
     919    Note that this parameter overrides the <a class="indexterm" name="id305106"></a>debug timestamp parameter.
    920920    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug prefix timestamp</code></em> = no
    921921</em></span>
    922922</p></dd><dt><span class="term"><a name="TIMESTAMPLOGS"></a>timestamp logs</span></dt><dd><p>This parameter is a synonym for debug timestamp.</p></dd><dt><span class="term"><a name="DEBUGTIMESTAMP"></a>debug timestamp (G)</span></dt><dd><p>
    923923    Samba debug log messages are timestamped by default. If you are running at a high
    924     <a class="indexterm" name="id276468"></a>debug level these timestamps can be distracting. This
     924    <a class="indexterm" name="id305168"></a>debug level these timestamps can be distracting. This
    925925    boolean parameter allows timestamping to be turned off.
    926926        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug timestamp</code></em> = yes
     
    930930    current euid, egid, uid and gid to the timestamp message headers in the log file if turned on.
    931931    </p><p>
    932     Note that the parameter <a class="indexterm" name="id276514"></a>debug timestamp must be on for this to have an effect.
     932    Note that the parameter <a class="indexterm" name="id305213"></a>debug timestamp must be on for this to have an effect.
    933933    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>debug uid</code></em> = no
    934934</em></span>
    935 </p></dd><dt><span class="term"><a name="DEFAULTCASE"></a>default case (S)</span></dt><dd><p>See the section on <a class="indexterm" name="id276554"></a>name mangling.
    936         Also note the <a class="indexterm" name="id276561"></a>short preserve case parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>default case</code></em> = lower
    937 </em></span>
    938 </p></dd><dt><span class="term"><a name="DEFAULTDEVMODE"></a>default devmode (S)</span></dt><dd><p>This parameter is only applicable to <a class="indexterm" name="id276602"></a>printable services.
     935</p></dd><dt><span class="term"><a name="DEFAULTCASE"></a>default case (S)</span></dt><dd><p>See the section on <a class="indexterm" name="id305254"></a>name mangling.
     936        Also note the <a class="indexterm" name="id305261"></a>short preserve case parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>default case</code></em> = lower
     937</em></span>
     938</p></dd><dt><span class="term"><a name="DEFAULTDEVMODE"></a>default devmode (S)</span></dt><dd><p>This parameter is only applicable to <a class="indexterm" name="id305301"></a>printable services.
    939939    When smbd is serving Printer Drivers to Windows NT/2k/XP clients, each printer on the Samba
    940940    server has a Device Mode which defines things such as paper size and
     
    965965        parameter is not given, attempting to connect to a nonexistent
    966966        service results in an error.</p><p>
    967         Typically the default service would be a <a class="indexterm" name="id276709"></a>guest ok, <a class="indexterm" name="id276716"></a>read-only service.</p><p>Also note that the apparent service name will be changed to equal
     967        Typically the default service would be a <a class="indexterm" name="id305408"></a>guest ok, <a class="indexterm" name="id305415"></a>read-only service.</p><p>Also note that the apparent service name will be changed to equal
    968968        that of the requested service, this is very useful as it allows you to use macros like <em class="parameter"><code>%S</code></em> to make a wildcard service.
    969969        </p><p>Note also that any "_" characters in the name of the service
     
    997997    DeletePrinter() RPC call.</p><p>For a Samba host this means that the printer must be
    998998    physically deleted from underlying printing system.  The
    999     <a class="indexterm" name="id276887"></a>deleteprinter command defines a script to be run which
     999    <a class="indexterm" name="id305586"></a>deleteprinter command defines a script to be run which
    10001000    will perform the necessary operations for removing the printer
    10011001    from the print system and from <code class="filename">smb.conf</code>.
    1002     </p><p>The <a class="indexterm" name="id276904"></a>deleteprinter command is
    1003     automatically called with only one parameter: <a class="indexterm" name="id276912"></a>printer name.
    1004         </p><p>Once the <a class="indexterm" name="id276922"></a>deleteprinter command has
     1002    </p><p>The <a class="indexterm" name="id305604"></a>deleteprinter command is
     1003    automatically called with only one parameter: <a class="indexterm" name="id305611"></a>printer name.
     1004        </p><p>Once the <a class="indexterm" name="id305622"></a>deleteprinter command has
    10051005    been executed, <span><strong class="command">smbd</strong></span> will reparse the <code class="filename">
    10061006    smb.conf</code> to associated printer no longer exists. 
     
    10321032                        </p></li></ul></div><p>
    10331033        This parameter is only used to remove file shares.  To delete printer shares,
    1034         see the <a class="indexterm" name="id277110"></a>deleteprinter command.
     1034        see the <a class="indexterm" name="id305810"></a>deleteprinter command.
    10351035        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>delete share command</code></em> =
    10361036</em></span>
     
    10571057</p></dd><dt><span class="term"><a name="DELETEVETOFILES"></a>delete veto files (S)</span></dt><dd><p>This option is used when Samba is attempting to
    10581058        delete a directory that contains one or more vetoed directories
    1059         (see the <a class="indexterm" name="id277300"></a>veto files
     1059        (see the <a class="indexterm" name="id306000"></a>veto files
    10601060        option).  If this option is set to <code class="constant">no</code> (the default) then if a vetoed
    10611061        directory contains any non-vetoed files or directories then the
     
    10651065        serving systems such as NetAtalk which create meta-files within
    10661066        directories you might normally veto DOS/Windows users from seeing
    1067         (e.g. <code class="filename">.AppleDouble</code>)</p><p>Setting <a class="indexterm" name="id277330"></a>delete veto files = yes allows these
     1067        (e.g. <code class="filename">.AppleDouble</code>)</p><p>Setting <a class="indexterm" name="id306030"></a>delete veto files = yes allows these
    10681068        directories to be  transparently deleted when the parent directory
    10691069        is deleted (so long as the user has permissions to do so).</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>delete veto files</code></em> = no
     
    10771077        This is a new parameter introduced in Samba version 3.0.21.  It specifies in seconds the time that smbd will
    10781078        cache the output of a disk free query. If set to zero (the default) no caching is done. This allows a heavily
    1079         loaded server to prevent rapid spawning of <a class="indexterm" name="id277385"></a>dfree command scripts increasing the load.
     1079        loaded server to prevent rapid spawning of <a class="indexterm" name="id306085"></a>dfree command scripts increasing the load.
    10801080        </p><p>
    10811081        By default this parameter is zero, meaning no caching will be done.
     
    10931093        </p><p>
    10941094        In Samba version 3.0.21 this parameter has been changed to be a per-share parameter, and in addition the
    1095         parameter <a class="indexterm" name="id277452"></a>dfree cache time was added to allow the output of this script to be cached
     1095        parameter <a class="indexterm" name="id306152"></a>dfree cache time was added to allow the output of this script to be cached
    10961096        for systems under heavy load.
    10971097        </p><p>
     
    11311131    and 'other' write bits from the UNIX mode, allowing only the
    11321132    user who owns the directory to modify it.</p><p>Following this Samba will bit-wise 'OR' the UNIX mode
    1133     created from this parameter with the value of the <a class="indexterm" name="id277580"></a>force directory mode parameter.
     1133    created from this parameter with the value of the <a class="indexterm" name="id306280"></a>force directory mode parameter.
    11341134    This parameter is set to 000 by default (i.e. no extra mode bits are added).</p><p>Note that this parameter does not apply to permissions
    11351135    set by Windows NT/2000 ACL editors. If the administrator wishes to enforce
    1136     a mask on access control lists also, they need to set the <a class="indexterm" name="id277593"></a>directory security mask.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>directory mask</code></em> = 0755
     1136    a mask on access control lists also, they need to set the <a class="indexterm" name="id306293"></a>directory security mask.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>directory mask</code></em> = 0755
    11371137</em></span>
    11381138</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>directory mask</code></em> = 0775
     
    11431143    box.</p><p>
    11441144        This parameter is applied as a mask (AND'ed with) to the changed permission bits, thus preventing any bits not
    1145         in this mask from being modified.  Make sure not to mix up this parameter with <a class="indexterm" name="id277652"></a>force  directory security mode, which works similar like this one but uses logical OR instead of AND.
     1145        in this mask from being modified.  Make sure not to mix up this parameter with <a class="indexterm" name="id306351"></a>force  directory security mode, which works similar like this one but uses logical OR instead of AND.
    11461146        Essentially, zero bits in this mask may be treated as a set of bits the user is not allowed to change.
    11471147        </p><p>If not set explicitly this parameter is set to 0777
     
    11771177        The default value is "LOCALE", which means automatically set, depending on the
    11781178        current locale. The value should generally be the same as the value of the parameter
    1179         <a class="indexterm" name="id277804"></a>unix charset.
     1179        <a class="indexterm" name="id306503"></a>unix charset.
    11801180        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>display charset</code></em> = "LOCALE" or "ASCII" (depending on the system)
    11811181</em></span>
     
    12091209        If set to <code class="constant">yes</code>, the Samba server will
    12101210        provide the netlogon service for Windows 9X network logons for the
    1211         <a class="indexterm" name="id277964"></a>workgroup it is in.
     1211        <a class="indexterm" name="id306664"></a>workgroup it is in.
    12121212        This will also cause the Samba server to act as a domain
    12131213        controller for NT4 style domain services. For more details on
     
    12201220        WAN-wide browse list collation. Setting this option causes <span><strong class="command">nmbd</strong></span> to claim a
    12211221        special domain specific NetBIOS name that identifies it as a domain master browser for its given
    1222         <a class="indexterm" name="id278022"></a>workgroup. Local master browsers in the same <a class="indexterm" name="id278029"></a>workgroup on
     1222        <a class="indexterm" name="id306721"></a>workgroup. Local master browsers in the same <a class="indexterm" name="id306728"></a>workgroup on
    12231223        broadcast-isolated subnets will give this <span><strong class="command">nmbd</strong></span> their local browse lists,
    12241224        and then ask <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> for a
     
    12271227        broadcast-isolated subnet.
    12281228        </p><p>
    1229         Note that Windows NT Primary Domain Controllers expect to be able to claim this <a class="indexterm" name="id278057"></a>workgroup specific special NetBIOS name that identifies them as domain master browsers for that
    1230         <a class="indexterm" name="id278064"></a>workgroup by default (i.e. there is no way to prevent a Windows NT PDC from attempting
     1229        Note that Windows NT Primary Domain Controllers expect to be able to claim this <a class="indexterm" name="id306756"></a>workgroup specific special NetBIOS name that identifies them as domain master browsers for that
     1230        <a class="indexterm" name="id306764"></a>workgroup by default (i.e. there is no way to prevent a Windows NT PDC from attempting
    12311231        to do this). This means that if this parameter is set and <span><strong class="command">nmbd</strong></span> claims the
    1232         special name for a <a class="indexterm" name="id278079"></a>workgroup before a Windows NT PDC is able to do so then cross
     1232        special name for a <a class="indexterm" name="id306778"></a>workgroup before a Windows NT PDC is able to do so then cross
    12331233        subnet browsing will behave strangely and may fail.
    12341234        </p><p>
    1235         If <a class="indexterm" name="id278090"></a>domain logons = yes, then the default behavior is to enable the
    1236         <a class="indexterm" name="id278097"></a>domain master parameter.  If <a class="indexterm" name="id278105"></a>domain logons is not enabled (the
    1237         default setting), then neither will <a class="indexterm" name="id278112"></a>domain master be enabled by default.
    1238         </p><p>
    1239         When <a class="indexterm" name="id278123"></a>domain logons = Yes the default setting for this parameter is
    1240         Yes, with the result that Samba will be a PDC. If <a class="indexterm" name="id278131"></a>domain master = No,
     1235        If <a class="indexterm" name="id306790"></a>domain logons = yes, then the default behavior is to enable the
     1236        <a class="indexterm" name="id306797"></a>domain master parameter.  If <a class="indexterm" name="id306804"></a>domain logons is not enabled (the
     1237        default setting), then neither will <a class="indexterm" name="id306812"></a>domain master be enabled by default.
     1238        </p><p>
     1239        When <a class="indexterm" name="id306822"></a>domain logons = Yes the default setting for this parameter is
     1240        Yes, with the result that Samba will be a PDC. If <a class="indexterm" name="id306830"></a>domain master = No,
    12411241        Samba will function as a BDC. In general, this parameter should be set to 'No' only on a BDC.
    12421242        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>domain master</code></em> = auto
     
    13441344    <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> must either
    13451345    have access to a local <a href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a> file (see the <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a> program for information on how to set up
    1346     and maintain this file), or set the <a class="indexterm" name="id278606"></a>security = [server|domain|ads] parameter which
     1346    and maintain this file), or set the <a class="indexterm" name="id307306"></a>security = [server|domain|ads] parameter which
    13471347    causes <span><strong class="command">smbd</strong></span> to authenticate against another
    13481348        server.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>encrypt passwords</code></em> = yes
     
    14201420        file open/close operations. This can give enormous performance benefits.
    14211421        </p><p>When you set <span><strong class="command">fake oplocks = yes</strong></span>, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> will
    1422         always grant oplock requests no matter how many clients are using the file.</p><p>It is generally much better to use the real <a class="indexterm" name="id278911"></a>oplocks support rather
     1422        always grant oplock requests no matter how many clients are using the file.</p><p>It is generally much better to use the real <a class="indexterm" name="id307611"></a>oplocks support rather
    14231423        than this parameter.</p><p>If you enable this option on all read-only shares or
    14241424        shares that you know will only be accessed from one client at a
     
    14701470        </p><p>
    14711471        This parameter is applied as a mask (OR'ed with) to the changed permission bits, thus forcing any bits in this
    1472         mask that the user may have modified to be on.  Make sure not to mix up this parameter with <a class="indexterm" name="id279154"></a>directory security mask, which works in a similar manner to this one, but uses a logical AND instead
     1472        mask that the user may have modified to be on.  Make sure not to mix up this parameter with <a class="indexterm" name="id307854"></a>directory security mask, which works in a similar manner to this one, but uses a logical AND instead
    14731473        of an OR.
    14741474        </p><p>
     
    15041504    primary group assigned to sys when accessing this Samba share. All
    15051505    other users will retain their ordinary primary group.</p><p>
    1506         If the <a class="indexterm" name="id279266"></a>force user parameter is also set the group specified in
     1506        If the <a class="indexterm" name="id307966"></a>force user parameter is also set the group specified in
    15071507    <em class="parameter"><code>force group</code></em> will override the primary group
    15081508    set in <em class="parameter"><code>force user</code></em>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>force group</code></em> =
     
    15381538        </p><p>
    15391539        This parameter is applied as a mask (OR'ed with) to the changed permission bits, thus forcing any bits in this
    1540         mask that the user may have modified to be on.  Make sure not to mix up this parameter with <a class="indexterm" name="id279408"></a>security mask, which works similar like this one but uses logical AND instead of OR.
     1540        mask that the user may have modified to be on.  Make sure not to mix up this parameter with <a class="indexterm" name="id308108"></a>security mask, which works similar like this one but uses logical AND instead of OR.
    15411541        </p><p>
    15421542        Essentially, one bits in this mask may be treated as a set of bits that, when modifying security on a file,
     
    16061606    caching algorithm will be used to reduce the time taken for getwd()
    16071607    calls. This can have a significant impact on performance, especially
    1608     when the <a class="indexterm" name="id279813"></a>wide smbconfoptions parameter is set to <code class="constant">no</code>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>getwd cache</code></em> = yes
     1608    when the <a class="indexterm" name="id308512"></a>wide smbconfoptions parameter is set to <code class="constant">no</code>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>getwd cache</code></em> = yes
    16091609</em></span>
    16101610</p></dd><dt><span class="term"><a name="GUESTACCOUNT"></a>guest account (G)</span></dt><dd><p>This is a username which will be used for access
    1611     to services which are specified as <a class="indexterm" name="id279857"></a>guest ok (see below). Whatever privileges this
     1611    to services which are specified as <a class="indexterm" name="id308557"></a>guest ok (see below). Whatever privileges this
    16121612    user has will be available to any client connecting to the guest service.
    16131613    This user must exist in the password file, but does not require
     
    16281628</p></dd><dt><span class="term"><a name="PUBLIC"></a>public</span></dt><dd><p>This parameter is a synonym for guest ok.</p></dd><dt><span class="term"><a name="GUESTOK"></a>guest ok (S)</span></dt><dd><p>If this parameter is <code class="constant">yes</code> for
    16291629    a service, then no password is required to connect to the service.
    1630     Privileges will be those of the <a class="indexterm" name="id279965"></a>guest account.</p><p>This paramater nullifies the benifits of setting
    1631     <a class="indexterm" name="id279976"></a>restrict anonymous = 2
    1632         </p><p>See the section below on <a class="indexterm" name="id279986"></a>security for more information about this option.
     1630    Privileges will be those of the <a class="indexterm" name="id308664"></a>guest account.</p><p>This paramater nullifies the benifits of setting
     1631    <a class="indexterm" name="id308675"></a>restrict anonymous = 2
     1632        </p><p>See the section below on <a class="indexterm" name="id308686"></a>security for more information about this option.
    16331633        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>guest ok</code></em> = no
    16341634</em></span>
    16351635</p></dd><dt><span class="term"><a name="ONLYGUEST"></a>only guest</span></dt><dd><p>This parameter is a synonym for guest only.</p></dd><dt><span class="term"><a name="GUESTONLY"></a>guest only (S)</span></dt><dd><p>If this parameter is <code class="constant">yes</code> for
    16361636    a service, then only guest connections to the service are permitted.
    1637     This parameter will have no effect if <a class="indexterm" name="id280052"></a>guest ok is not set for the service.</p><p>See the section below on <a class="indexterm" name="id280063"></a>security for more information about this option.
     1637    This parameter will have no effect if <a class="indexterm" name="id308752"></a>guest ok is not set for the service.</p><p>See the section below on <a class="indexterm" name="id308762"></a>security for more information about this option.
    16381638        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>guest only</code></em> = no
    16391639</em></span>
     
    16771677</em></span>
    16781678</p></dd><dt><span class="term"><a name="HOMEDIRMAP"></a>homedir map (G)</span></dt><dd><p>
    1679         If <a class="indexterm" name="id280310"></a>nis homedir is <code class="constant">yes</code>, and <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> is also acting         as a Win95/98 <em class="parameter"><code>logon server</code></em>
     1679        If <a class="indexterm" name="id309010"></a>nis homedir is <code class="constant">yes</code>, and <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> is also acting         as a Win95/98 <em class="parameter"><code>logon server</code></em>
    16801680        then this parameter specifies the NIS (or YP) map from which the server for the user's  home directory should be extracted. 
    16811681        At present, only the Sun auto.home map format is understood. The form of the map is:
     
    16951695        Dfs trees hosted on the server.
    16961696        </p><p>
    1697         See also the <a class="indexterm" name="id280408"></a>msdfs root share  level  parameter.  For more  information  on
     1697        See also the <a class="indexterm" name="id309107"></a>msdfs root share  level  parameter.  For more  information  on
    16981698        setting  up a Dfs tree on Samba, refer to the MSFDS chapter in the book Samba3-HOWTO.
    16991699        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>host msdfs</code></em> = yes
     
    17071707</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>hostname lookups</code></em> = yes
    17081708</em></span>
    1709 </p></dd><dt><span class="term"><a name="ALLOWHOSTS"></a>allow hosts</span></dt><dd><p>This parameter is a synonym for hosts allow.</p></dd><dt><span class="term"><a name="HOSTSALLOW"></a>hosts allow (S)</span></dt><dd><p>A synonym for this parameter is <a class="indexterm" name="id280529"></a>allow hosts.</p><p>This parameter is a comma, space, or tab delimited
     1709</p></dd><dt><span class="term"><a name="ALLOWHOSTS"></a>allow hosts</span></dt><dd><p>This parameter is a synonym for hosts allow.</p></dd><dt><span class="term"><a name="HOSTSALLOW"></a>hosts allow (S)</span></dt><dd><p>A synonym for this parameter is <a class="indexterm" name="id309228"></a>allow hosts.</p><p>This parameter is a comma, space, or tab delimited
    17101710    set of hosts which are permitted to access a service.</p><p>If specified in the [global] section then it will
    17111711    apply to all services, regardless of whether the individual
     
    17171717    page may not be present on your system, so a brief description will
    17181718    be given here also.</p><p>Note that the localhost address 127.0.0.1 will always
    1719     be allowed access unless specifically denied by a <a class="indexterm" name="id280567"></a>hosts deny option.</p><p>You can also specify hosts by network/netmask pairs and
     1719    be allowed access unless specifically denied by a <a class="indexterm" name="id309266"></a>hosts deny option.</p><p>You can also specify hosts by network/netmask pairs and
    17201720    by netgroup names if your system supports netgroups. The
    17211721    <span class="emphasis"><em>EXCEPT</em></span> keyword can also be used to limit a
     
    17341734        In the event that it is necessary to deny all by default, use the keyword
    17351735        ALL (or the netmask <code class="literal">0.0.0.0/0</code>) and then explicitly specify
    1736         to the <a class="indexterm" name="id280743"></a>hosts allow = hosts allow parameter those hosts
     1736        to the <a class="indexterm" name="id309443"></a>hosts allow = hosts allow parameter those hosts
    17371737        that should be permitted access.
    17381738        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>hosts deny</code></em> =
     
    17441744        The idmap alloc backend provides a plugin interface for Winbind to use
    17451745        when allocating Unix uids/gids for Windows SIDs.  This option is
    1746         to be used in conjunction with the <a class="indexterm" name="id280798"></a>idmap domains
     1746        to be used in conjunction with the <a class="indexterm" name="id309497"></a>idmap domains
    17471747        parameter and refers to the name of the idmap module which will provide
    17481748        the id allocation functionality.  Please refer to the man page
     
    17501750        the allocation feature.  The most common plugins are the tdb (<a href="idmap_tdb.8.html"><span class="citerefentry"><span class="refentrytitle">idmap_tdb</span>(8)</span></a>)
    17511751        and ldap (<a href="idmap_ldap.8.html"><span class="citerefentry"><span class="refentrytitle">idmap_ldap</span>(8)</span></a>) libraries.
    1752         </p><p>Also refer to the <a class="indexterm" name="id280826"></a>idmap alloc config option.
     1752        </p><p>Also refer to the <a class="indexterm" name="id309526"></a>idmap alloc config option.
    17531753        </p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>idmap alloc backend</code></em> = tdb
    17541754</em></span>
    17551755</p></dd><dt><span class="term"><a name="IDMAPALLOCCONFIG"></a>idmap alloc config (G)</span></dt><dd><p>
    17561756        The idmap alloc config prefix provides a means of managing settings
    1757         for the backend defined by the <a class="indexterm" name="id280871"></a>idmap alloc backend
     1757        for the backend defined by the <a class="indexterm" name="id309571"></a>idmap alloc backend
    17581758        parameter.  Refer to the man page for each idmap plugin regarding
    17591759        specific configuration details.
     
    17621762        varying backends to store SID/uid/gid mapping tables.  This
    17631763        option is mutually exclusive with the newer and more flexible
    1764         <a class="indexterm" name="id280906"></a>idmap domains parameter.  The main difference
     1764        <a class="indexterm" name="id309606"></a>idmap domains parameter.  The main difference
    17651765        between the "idmap backend" and the "idmap domains"
    17661766        is that the former only allows on backend for all domains while the
     
    17771777</p></dd><dt><span class="term"><a name="IDMAPCONFIG"></a>idmap config (G)</span></dt><dd><p>
    17781778        The idmap config prefix provides a means of managing each domain
    1779         defined by the <a class="indexterm" name="id281018"></a>idmap domains option using Samba's
     1779        defined by the <a class="indexterm" name="id309718"></a>idmap domains option using Samba's
    17801780        parameteric option support.  The idmap config prefix should be
    17811781        followed by the name of the domain, a colon, and a setting specific to
     
    17911791                </p></dd><dt><span class="term">readonly = [yes|no]</span></dt><dd><p>
    17921792                        Mark the domain as readonly which means that no attempts to
    1793                         allocate a uid or gid (by the <a class="indexterm" name="id281066"></a>idmap alloc     backend) for any user or group in that domain
     1793                        allocate a uid or gid (by the <a class="indexterm" name="id309765"></a>idmap alloc     backend) for any user or group in that domain
    17941794                        will be attempted.
    17951795                </p></dd></dl></div><p>
     
    18101810        The idmap domains option defines a list of Windows domains which will each
    18111811        have a separately configured backend for managing Winbind's SID/uid/gid
    1812         tables.  This parameter is mutually exclusive with the older <a class="indexterm" name="id281133"></a>idmap backend option.
     1812        tables.  This parameter is mutually exclusive with the older <a class="indexterm" name="id309833"></a>idmap backend option.
    18131813        </p><p>
    18141814        Values consist of the short domain name for Winbind's primary or collection
     
    18161816        domain backend for any domain not explicitly listed.
    18171817        </p><p>
    1818         Refer to the <a class="indexterm" name="id281149"></a>idmap config for details about
     1818        Refer to the <a class="indexterm" name="id309849"></a>idmap config for details about
    18191819        managing the SID/uid/gid backend for each domain.
    18201820        </p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>idmap domains</code></em> = default AD CORP
     
    18241824        SIDs. This range of group ids should have no
    18251825        existing local or NIS groups within it as strange conflicts can
    1826         occur otherwise.</p><p>See also the <a class="indexterm" name="id281221"></a>idmap backend, <a class="indexterm" name="id281228"></a>idmap domains, and <a class="indexterm" name="id281235"></a>idmap config options.
     1826        occur otherwise.</p><p>See also the <a class="indexterm" name="id309921"></a>idmap backend, <a class="indexterm" name="id309928"></a>idmap domains, and <a class="indexterm" name="id309935"></a>idmap config options.
    18271827        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>idmap gid</code></em> =
    18281828</em></span>
     
    18371837        allocated for use in mapping UNIX users to NT user SIDs. This
    18381838        range of ids should have no existing local
    1839         or NIS users within it as strange conflicts can occur otherwise.</p><p>See also the <a class="indexterm" name="id281348"></a>idmap backend, <a class="indexterm" name="id281355"></a>idmap domains, and <a class="indexterm" name="id281362"></a>idmap config options.
     1839        or NIS users within it as strange conflicts can occur otherwise.</p><p>See also the <a class="indexterm" name="id310047"></a>idmap backend, <a class="indexterm" name="id310054"></a>idmap domains, and <a class="indexterm" name="id310062"></a>idmap config options.
    18401840        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>idmap uid</code></em> =
    18411841</em></span>
     
    18541854</p></dd><dt><span class="term"><a name="INHERITACLS"></a>inherit acls (S)</span></dt><dd><p>This parameter can be used to ensure that if default acls
    18551855    exist on parent directories, they are always honored when creating a
    1856     subdirectory. The default behavior is to use the mode specified when
    1857     creating the directory.  Enabling this option sets the mode to 0777,
    1858     thus guaranteeing that  default directory acls are propagated.
     1856    new file or subdirectory in these parent directories. The default
     1857    behavior is to use the unix mode specified when creating the directory.
     1858    Enabling this option sets the unix mode to 0777, thus guaranteeing that
     1859    default directory acls are propagated.
    18591860</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>inherit acls</code></em> = no
    18601861</em></span>
     
    18691870</em></span>
    18701871</p></dd><dt><span class="term"><a name="INHERITPERMISSIONS"></a>inherit permissions (S)</span></dt><dd><p>
    1871         The permissions on new files and directories are normally governed by <a class="indexterm" name="id281556"></a>create mask,
    1872         <a class="indexterm" name="id281563"></a>directory mask, <a class="indexterm" name="id281570"></a>force create mode and <a class="indexterm" name="id281577"></a>force directory mode but the boolean inherit permissions parameter overrides this.
     1872        The permissions on new files and directories are normally governed by <a class="indexterm" name="id310256"></a>create mask,
     1873        <a class="indexterm" name="id310263"></a>directory mask, <a class="indexterm" name="id310270"></a>force create mode and <a class="indexterm" name="id310277"></a>force directory mode but the boolean inherit permissions parameter overrides this.
    18731874        </p><p>New directories inherit the mode of the parent directory,
    18741875    including bits such as setgid.</p><p>
    18751876        New files inherit their read/write bits from the parent directory.  Their execute bits continue to be
    1876         determined by <a class="indexterm" name="id281593"></a>map archive, <a class="indexterm" name="id281600"></a>map hidden and <a class="indexterm" name="id281607"></a>map system as usual.
     1877        determined by <a class="indexterm" name="id310293"></a>map archive, <a class="indexterm" name="id310300"></a>map hidden and <a class="indexterm" name="id310307"></a>map system as usual.
    18771878        </p><p>Note that the setuid bit is <span class="emphasis"><em>never</em></span> set via
    18781879    inheritance (the code explicitly prohibits this).</p><p>This can be particularly useful on large systems with
     
    19251926</em></span>
    19261927</p></dd><dt><span class="term"><a name="IPRINTSERVER"></a>iprint server (G)</span></dt><dd><p>
    1927     This parameter is only applicable if <a class="indexterm" name="id281841"></a>printing is set to <code class="constant">iprint</code>.
     1928    This parameter is only applicable if <a class="indexterm" name="id310541"></a>printing is set to <code class="constant">iprint</code>.
    19281929    </p><p>
    19291930   If set, this option overrides the ServerName option in the CUPS <code class="filename">client.conf</code>. This is
     
    19381939    sent. Keepalive packets, if sent, allow the server to tell whether
    19391940    a client is still present and responding.</p><p>Keepalives should, in general, not be needed if the socket
    1940     has the SO_KEEPALIVE attribute set on it by default. (see <a class="indexterm" name="id281920"></a>socket options).
     1941    has the SO_KEEPALIVE attribute set on it by default. (see <a class="indexterm" name="id310620"></a>socket options).
    19411942Basically you should only use this option if you strike difficulties.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>keepalive</code></em> = 300
    19421943</em></span>
     
    19501951        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>kernel change notify</code></em> = yes
    19511952</em></span>
    1952 </p></dd><dt><span class="term"><a name="KERNELOPLOCKS"></a>kernel oplocks (G)</span></dt><dd><p>For UNIXes that support kernel based <a class="indexterm" name="id282010"></a>oplocks
     1953</p></dd><dt><span class="term"><a name="KERNELOPLOCKS"></a>kernel oplocks (G)</span></dt><dd><p>For UNIXes that support kernel based <a class="indexterm" name="id310710"></a>oplocks
    19531954        (currently only IRIX and the Linux 2.4 kernel), this parameter
    19541955        allows the use of them to be turned on or off.</p><p>Kernel oplocks support allows Samba <em class="parameter"><code>oplocks
     
    19871988</em></span>
    19881989</p></dd><dt><span class="term"><a name="LDAPADMINDN"></a>ldap admin dn (G)</span></dt><dd><p>
    1989         The <a class="indexterm" name="id282202"></a>ldap admin dn defines the Distinguished  Name (DN) name used by Samba to contact
    1990         the ldap server when retreiving  user account information. The <a class="indexterm" name="id282211"></a>ldap admin dn is used
     1990        The <a class="indexterm" name="id310902"></a>ldap admin dn defines the Distinguished  Name (DN) name used by Samba to contact
     1991        the ldap server when retreiving  user account information. The <a class="indexterm" name="id310911"></a>ldap admin dn is used
    19911992        in conjunction with the admin dn password stored in the <code class="filename">private/secrets.tdb</code>
    19921993        file.  See the <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>
    19931994        man page for more information on how  to accomplish this.
    19941995        </p><p>
    1995         The <a class="indexterm" name="id282236"></a>ldap admin dn requires a fully specified DN. The <a class="indexterm" name="id282243"></a>ldap  suffix is not appended to the <a class="indexterm" name="id282251"></a>ldap admin dn.
     1996        The <a class="indexterm" name="id310936"></a>ldap admin dn requires a fully specified DN. The <a class="indexterm" name="id310943"></a>ldap  suffix is not appended to the <a class="indexterm" name="id310951"></a>ldap admin dn.
    19961997        </p><p><span class="emphasis"><em>No default</em></span></p></dd><dt><span class="term"><a name="LDAPDELETEDN"></a>ldap delete dn (G)</span></dt><dd><p> This parameter specifies whether a delete
    19971998        operation in the ldapsam deletes the complete entry or only the attributes
     
    20012002</p></dd><dt><span class="term"><a name="LDAPGROUPSUFFIX"></a>ldap group suffix (G)</span></dt><dd><p>This parameter specifies the suffix that is
    20022003        used for groups when these are added to the LDAP directory.
    2003         If this parameter is unset, the value of <a class="indexterm" name="id282319"></a>ldap suffix will be used instead.  The suffix string is pre-pended to the
    2004         <a class="indexterm" name="id282326"></a>ldap suffix string so use a partial DN.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap group suffix</code></em> =
     2004        If this parameter is unset, the value of <a class="indexterm" name="id311019"></a>ldap suffix will be used instead.  The suffix string is pre-pended to the
     2005        <a class="indexterm" name="id311026"></a>ldap suffix string so use a partial DN.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap group suffix</code></em> =
    20052006</em></span>
    20062007</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>ldap group suffix</code></em> = ou=Groups
     
    20082009</p></dd><dt><span class="term"><a name="LDAPIDMAPSUFFIX"></a>ldap idmap suffix (G)</span></dt><dd><p>
    20092010        This parameters specifies the suffix that is used when storing idmap mappings. If this parameter
    2010         is unset, the value of <a class="indexterm" name="id282379"></a>ldap suffix will be used instead.  The suffix
    2011         string is pre-pended to the <a class="indexterm" name="id282387"></a>ldap suffix string so use a partial DN.
     2011        is unset, the value of <a class="indexterm" name="id311079"></a>ldap suffix will be used instead.  The suffix
     2012        string is pre-pended to the <a class="indexterm" name="id311087"></a>ldap suffix string so use a partial DN.
    20122013        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap idmap suffix</code></em> =
    20132014</em></span>
     
    20162017</p></dd><dt><span class="term"><a name="LDAPMACHINESUFFIX"></a>ldap machine suffix (G)</span></dt><dd><p>
    20172018        It specifies where machines should be added to the ldap tree.  If this parameter is unset, the value of
    2018         <a class="indexterm" name="id282439"></a>ldap suffix will be used instead.  The suffix string is pre-pended to the
    2019         <a class="indexterm" name="id282447"></a>ldap suffix string so use a partial DN.
     2019        <a class="indexterm" name="id311139"></a>ldap suffix will be used instead.  The suffix string is pre-pended to the
     2020        <a class="indexterm" name="id311147"></a>ldap suffix string so use a partial DN.
    20202021        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap machine suffix</code></em> =
    20212022</em></span>
     
    20272028        change via SAMBA. 
    20282029        </p><p>
    2029         The <a class="indexterm" name="id282504"></a>ldap passwd sync can be set to one of three values:
     2030        The <a class="indexterm" name="id311204"></a>ldap passwd sync can be set to one of three values:
    20302031        </p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>Yes</code></em>  =  Try
    20312032                        to update the LDAP, NT and LM passwords and update the pwdLastSet time.</p></li><li><p><em class="parameter"><code>No</code></em> = Update NT and
     
    20592060        the smb.conf ldap options must be properly configured.
    20602061
    2061         The tipical ldap setup used with the <a class="indexterm" name="id282651"></a>ldapsam:trusted = yes option
    2062         is usually sufficient to use <a class="indexterm" name="id282658"></a>ldapsam:editposix = yes as well.
     2062        The tipical ldap setup used with the <a class="indexterm" name="id311347"></a>ldapsam:trusted = yes option
     2063        is usually sufficient to use <a class="indexterm" name="id311354"></a>ldapsam:editposix = yes as well.
    20632064        </p><p>
    20642065        An example configuration can be the following:
     
    21332134        are used to deal with user and group attributes lack such optimization.
    21342135        </p><p>
    2135         To make Samba scale well in large environments, the <a class="indexterm" name="id282732"></a>ldapsam:trusted = yes
     2136        To make Samba scale well in large environments, the <a class="indexterm" name="id311428"></a>ldapsam:trusted = yes
    21362137        option assumes that the complete user and group database that is relevant to Samba is stored in LDAP with the
    21372138        standard posixAccount/posixGroup attributes. It further assumes that the Samba auxiliary object classes are
    21382139        stored together with the POSIX data in the same LDAP object. If these assumptions are met,
    2139         <a class="indexterm" name="id282742"></a>ldapsam:trusted = yes can be activated and Samba can bypass the
     2140        <a class="indexterm" name="id311438"></a>ldapsam:trusted = yes can be activated and Samba can bypass the
    21402141        NSS system to query user group memberships. Optimized LDAP queries can greatly speed up domain logon and
    21412142        administration tasks. Depending on the size of the LDAP database a factor of 100 or more for common queries
     
    21482149        Samba's previous SSL support which was enabled by specifying the
    21492150         <span><strong class="command">--with-ssl</strong></span> option to the <code class="filename">configure</code>
    2150         script.</p><p>The <a class="indexterm" name="id282805"></a>ldap ssl can be set to one of three values:</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>Off</code></em> = Never
     2151        script.</p><p>The <a class="indexterm" name="id311504"></a>ldap ssl can be set to one of three values:</p><div class="itemizedlist"><ul type="disc"><li><p><em class="parameter"><code>Off</code></em> = Never
    21512152                        use SSL when querying the directory.</p></li><li><p><em class="parameter"><code>Start_tls</code></em> = Use
    21522153                        the LDAPv3 StartTLS extended operation (RFC2830) for
     
    21542155                        on the ldaps port when contacting the <em class="parameter"><code>ldap server</code></em>. Only available when the
    21552156                        backwards-compatiblity <span><strong class="command">--with-ldapsam</strong></span> option is specified
    2156                 to configure. See <a class="indexterm" name="id282861"></a>passdb backend</p>.
     2157                to configure. See <a class="indexterm" name="id311559"></a>passdb backend</p>.
    21572158                </li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap ssl</code></em> = start_tls
    21582159</em></span>
    21592160</p></dd><dt><span class="term"><a name="LDAPSUFFIX"></a>ldap suffix (G)</span></dt><dd><p>Specifies the base for all ldap suffixes and for storing the sambaDomain object.</p><p>
    2160         The ldap suffix will be appended to the values specified for the <a class="indexterm" name="id282908"></a>ldap user suffix,
    2161          <a class="indexterm" name="id282915"></a>ldap group suffix, <a class="indexterm" name="id282922"></a>ldap machine suffix, and the
    2162          <a class="indexterm" name="id282929"></a>ldap idmap suffix. Each of these should be given only a DN relative to the
    2163          <a class="indexterm" name="id282937"></a>ldap suffix.
     2161        The ldap suffix will be appended to the values specified for the <a class="indexterm" name="id311606"></a>ldap user suffix,
     2162         <a class="indexterm" name="id311614"></a>ldap group suffix, <a class="indexterm" name="id311621"></a>ldap machine suffix, and the
     2163         <a class="indexterm" name="id311628"></a>ldap idmap suffix. Each of these should be given only a DN relative to the
     2164         <a class="indexterm" name="id311635"></a>ldap suffix.
    21642165        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap suffix</code></em> =
    21652166</em></span>
     
    21742175</p></dd><dt><span class="term"><a name="LDAPUSERSUFFIX"></a>ldap user suffix (G)</span></dt><dd><p>
    21752176        This parameter specifies where users are added to the tree. If this parameter is unset,
    2176         the value of <a class="indexterm" name="id283024"></a>ldap suffix will be used instead.  The suffix
    2177         string is pre-pended to the  <a class="indexterm" name="id283032"></a>ldap suffix string so use a partial DN.
     2177        the value of <a class="indexterm" name="id311723"></a>ldap suffix will be used instead.  The suffix
     2178        string is pre-pended to the  <a class="indexterm" name="id311730"></a>ldap suffix string so use a partial DN.
    21782179        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>ldap user suffix</code></em> =
    21792180</em></span>
     
    21942195        delete any read-ahead caches.</p><p>It is recommended that this parameter be turned on to
    21952196        speed access to shared executables.</p><p>For more discussions on level2 oplocks see the CIFS spec.</p><p>
    2196         Currently, if <a class="indexterm" name="id283109"></a>kernel oplocks are supported then
     2197        Currently, if <a class="indexterm" name="id311808"></a>kernel oplocks are supported then
    21972198        level2 oplocks are not granted (even if this parameter is set to
    2198         <code class="constant">yes</code>).  Note also, the <a class="indexterm" name="id283120"></a>oplocks
     2199        <code class="constant">yes</code>).  Note also, the <a class="indexterm" name="id311819"></a>oplocks
    21992200        parameter must be set to <code class="constant">yes</code> on this share in order for
    22002201        this parameter to have any effect.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>level2 oplocks</code></em> = yes
     
    22082209        broadcasts. If set to <code class="constant">yes</code> Samba will produce
    22092210        Lanman announce broadcasts at a frequency set by the parameter
    2210         <a class="indexterm" name="id283196"></a>lm interval. If set to <code class="constant">auto</code>
     2211        <a class="indexterm" name="id311895"></a>lm interval. If set to <code class="constant">auto</code>
    22112212        Samba will not send Lanman announce broadcasts by default but will
    22122213        listen for them. If it hears such a broadcast on the wire it will
    22132214        then start sending them at a frequency set by the parameter
    2214         <a class="indexterm" name="id283208"></a>lm interval.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lm announce</code></em> = auto
     2215        <a class="indexterm" name="id311907"></a>lm interval.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lm announce</code></em> = auto
    22152216</em></span>
    22162217</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>lm announce</code></em> = yes
     
    22182219</p></dd><dt><span class="term"><a name="LMINTERVAL"></a>lm interval (G)</span></dt><dd><p>If Samba is set to produce Lanman announce
    22192220        broadcasts needed by OS/2 clients (see the
    2220                 <a class="indexterm" name="id283260"></a>lm announce parameter) then this
     2221                <a class="indexterm" name="id311959"></a>lm announce parameter) then this
    22212222        parameter defines the frequency in seconds with which they will be
    22222223        made.  If this is set to zero then no Lanman announcements will be
    2223         made despite the setting of the <a class="indexterm" name="id283269"></a>lm announce
     2224        made despite the setting of the <a class="indexterm" name="id311968"></a>lm announce
    22242225        parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lm interval</code></em> = 60
    22252226</em></span>
     
    22282229</p></dd><dt><span class="term"><a name="LOADPRINTERS"></a>load printers (G)</span></dt><dd><p>A boolean variable that controls whether all
    22292230    printers in the printcap will be loaded for browsing by default.
    2230     See the <a class="indexterm" name="id283322"></a>printers section for
     2231    See the <a class="indexterm" name="id312021"></a>printers section for
    22312232    more details.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>load printers</code></em> = yes
    22322233</em></span>
     
    22432244</p></dd><dt><span class="term"><a name="LOCKDIR"></a>lock dir</span></dt><dd><p>This parameter is a synonym for lock directory.</p></dd><dt><span class="term"><a name="LOCKDIRECTORY"></a>lock directory (G)</span></dt><dd><p>This option specifies the directory where lock
    22442245        files will be placed.  The lock files are used to implement the
    2245         <a class="indexterm" name="id283473"></a>max connections option.
     2246        <a class="indexterm" name="id312172"></a>max connections option.
    22462247        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lock directory</code></em> = ${prefix}/var/locks
    22472248</em></span>
     
    22602261        You should never need to set this parameter.</p><p><span class="emphasis"><em>No default</em></span></p></dd><dt><span class="term"><a name="LOCKSPINCOUNT"></a>lock spin count (G)</span></dt><dd><p>This parameter has been made inoperative in Samba 3.0.24.
    22612262        The functionality it contolled is now controlled by the parameter
    2262         <a class="indexterm" name="id283593"></a>lock spin time.
     2263        <a class="indexterm" name="id312292"></a>lock spin time.
    22632264        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lock spin count</code></em> = 0
    22642265</em></span>
     
    22672268        be granted. This parameter has changed in default
    22682269        value from Samba 3.0.23 from 10 to 200. The associated
    2269         <a class="indexterm" name="id283635"></a>lock spin count parameter is
     2270        <a class="indexterm" name="id312334"></a>lock spin count parameter is
    22702271        no longer used in Samba 3.0.24. You should not need
    22712272        to change the value of this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lock spin time</code></em> = 200
     
    22882289</p></dd><dt><span class="term"><a name="LOGONDRIVE"></a>logon drive (G)</span></dt><dd><p>
    22892290        This parameter specifies the local path to which the home directory will be
    2290         connected (see <a class="indexterm" name="id283790"></a>logon home) and is only used by NT
     2291        connected (see <a class="indexterm" name="id312488"></a>logon home) and is only used by NT
    22912292        Workstations.
    22922293        </p><p>
     
    23152316         <span><strong class="command">net use /home</strong></span> but use the whole string when dealing with profiles.
    23162317        </p><p>
    2317         Note that in prior versions of Samba, the <a class="indexterm" name="id283898"></a>logon path was returned rather than
     2318        Note that in prior versions of Samba, the <a class="indexterm" name="id312597"></a>logon path was returned rather than
    23182319        <em class="parameter"><code>logon home</code></em>.  This broke <span><strong class="command">net use /home</strong></span>
    23192320        but allowed profiles outside the home directory. The current implementation is correct, and can be used for
    23202321        profiles if you use the above trick.
    23212322        </p><p>
    2322         Disable this feature by setting <a class="indexterm" name="id283922"></a>logon home = "" - using the empty string.
     2323        Disable this feature by setting <a class="indexterm" name="id312620"></a>logon home = "" - using the empty string.
    23232324        </p><p>
    23242325        This option is only useful if Samba is set up as a logon server.
     
    23312332        stored.  Contrary to previous versions of these manual pages, it has nothing to do with Win 9X roaming
    23322333        profiles.  To find out how to handle roaming profiles for Win 9X system, see the
    2333         <a class="indexterm" name="id283980"></a>logon home parameter.
     2334        <a class="indexterm" name="id312679"></a>logon home parameter.
    23342335        </p><p>
    23352336        This option takes the standard substitutions, allowing you to have separate logon scripts for each user or
     
    23602361        </p></div><p>Note that this option is only useful if Samba is set up as a domain controller.</p><p>
    23612362        Disable the use of roaming profiles by setting the value of this parameter to the empty string. For
    2362         example, <a class="indexterm" name="id284058"></a>logon path = "". Take note that even if the default setting
     2363        example, <a class="indexterm" name="id312756"></a>logon path = "". Take note that even if the default setting
    23632364        in the smb.conf file is the empty string, any value specified in the user account settings in the passdb
    23642365        backend will over-ride the effect of setting this parameter to null. Disabling of all roaming profile use
     
    23772378        </p><p>
    23782379        The script must be a relative path to the <em class="parameter"><code>[netlogon]</code></em> service.  If the [netlogon]
    2379         service specifies a <a class="indexterm" name="id284134"></a>path of <code class="filename">/usr/local/samba/netlogon</code>, and <a class="indexterm" name="id284147"></a>logon  script = STARTUP.BAT, then the file that will be downloaded is:
     2380        service specifies a <a class="indexterm" name="id312832"></a>path of <code class="filename">/usr/local/samba/netlogon</code>, and <a class="indexterm" name="id312846"></a>logon  script = STARTUP.BAT, then the file that will be downloaded is:
    23802381</p><pre class="programlisting">
    23812382        /usr/local/samba/netlogon/STARTUP.BAT
     
    24172418    in the lppause command as the PATH may not be available to the server.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>lppause command</code></em> =
    24182419# Currently no default value is given to
    2419     this string, unless the value of the <a class="indexterm" name="id284303"></a>printing
     2420    this string, unless the value of the <a class="indexterm" name="id312999"></a>printing
    24202421    parameter is <code class="constant">SYSV</code>, in which case the default is :
    24212422    <span><strong class="command">lp -i %p-%j -H hold</strong></span> or if the value of the
     
    24652466    printing or spooling a specific print job.</p><p>This command should be a program or script which takes
    24662467    a printer name and job number to resume the print job. See
    2467     also the <a class="indexterm" name="id284579"></a>lppause command parameter.</p><p>If a <em class="parameter"><code>%p</code></em> is given then the printer name
     2468    also the <a class="indexterm" name="id313276"></a>lppause command parameter.</p><p>If a <em class="parameter"><code>%p</code></em> is given then the printer name
    24682469    is put in its place. A <em class="parameter"><code>%j</code></em> is replaced with
    24692470    the job number (an integer).</p><p>Note that it is good practice to include the absolute path
    24702471    in the <em class="parameter"><code>lpresume command</code></em> as the PATH may not
    2471     be available to the server.</p><p>See also the <a class="indexterm" name="id284616"></a>printing parameter.</p><p>Default: Currently no default value is given
     2472    be available to the server.</p><p>See also the <a class="indexterm" name="id313312"></a>printing parameter.</p><p>Default: Currently no default value is given
    24722473    to this string, unless the value of the <em class="parameter"><code>printing</code></em>
    24732474    parameter is <code class="constant">SYSV</code>, in which case the default is :</p><p><span><strong class="command">lp -i %p-%j -H resume</strong></span></p><p>or if the value of the <em class="parameter"><code>printing</code></em> parameter
     
    24922493</em></span>
    24932494</p></dd><dt><span class="term"><a name="MACHINEPASSWORDTIMEOUT"></a>machine password timeout (G)</span></dt><dd><p>
    2494         If a Samba server is a member of a Windows NT Domain (see the <a class="indexterm" name="id284772"></a>security = domain parameter) then periodically a running smbd process will try and change
     2495        If a Samba server is a member of a Windows NT Domain (see the <a class="indexterm" name="id313468"></a>security = domain parameter) then periodically a running smbd process will try and change
    24952496        the MACHINE ACCOUNT PASSWORD stored in the TDB called <code class="filename">private/secrets.tdb
    24962497        </code>.  This parameter specifies how often this password will be changed, in seconds. The default is one
     
    24982499        </p><p>
    24992500        See also <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>,
    2500         and the <a class="indexterm" name="id284798"></a>security = domain parameter.
     2501        and the <a class="indexterm" name="id313495"></a>security = domain parameter.
    25012502        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>machine password timeout</code></em> = 604800
    25022503</em></span>
    25032504</p></dd><dt><span class="term"><a name="MAGICOUTPUT"></a>magic output (S)</span></dt><dd><p>
    25042505        This parameter specifies the name of a file which will contain output created by a magic script (see the
    2505         <a class="indexterm" name="id284839"></a>magic script parameter below).
     2506        <a class="indexterm" name="id313535"></a>magic script parameter below).
    25062507        </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>If two clients use the same <em class="parameter"><code>magic script
    25072508        </code></em> in the same directory the output file content is undefined.
     
    25162517        completion assuming that the user has the appropriate level
    25172518        of privilege and the file permissions allow the deletion.</p><p>If the script generates output, output will be sent to
    2518         the file specified by the <a class="indexterm" name="id284913"></a>magic output
     2519        the file specified by the <a class="indexterm" name="id313609"></a>magic output
    25192520        parameter (see above).</p><p>Note that some shells are unable to interpret scripts
    25202521        containing CR/LF instead of CR as
     
    25372538        you would use:
    25382539        </p><p>
    2539         <a class="indexterm" name="id285017"></a>mangled map = (*.html *.htm).
     2540        <a class="indexterm" name="id313714"></a>mangled map = (*.html *.htm).
    25402541        </p><p>
    25412542        One very useful case is to remove the annoying <code class="filename">;1</code> off
     
    25492550</p></dd><dt><span class="term"><a name="MANGLEDNAMES"></a>mangled names (S)</span></dt><dd><p>This controls whether non-DOS names under UNIX
    25502551        should be mapped to DOS-compatible names ("mangled") and made visible,
    2551         or whether non-DOS names should simply be ignored.</p><p>See the section on <a class="indexterm" name="id285084"></a>name mangling for
     2552        or whether non-DOS names should simply be ignored.</p><p>See the section on <a class="indexterm" name="id313780"></a>name mangling for
    25522553        details on how to control the mangling process.</p><p>If mangling is used then the mangling algorithm is as follows:</p><div class="itemizedlist"><ul type="disc"><li><p>The first (up to) five alphanumeric characters
    25532554                        before the rightmost dot of the filename are preserved, forced
     
    25592560                        only if it contains any upper case characters or is longer than three
    25602561                        characters.</p><p>Note that the character to use may be specified using
    2561                                 the <a class="indexterm" name="id285118"></a>mangling char
     2562                                the <a class="indexterm" name="id313814"></a>mangling char
    25622563                        option, if you don't like '~'.</p></li><li><p>Files whose UNIX name begins with a dot will be
    25632564                        presented as DOS hidden files. The mangled name will be created as
     
    25832584</em></span>
    25842585</p></dd><dt><span class="term"><a name="MANGLINGCHAR"></a>mangling char (S)</span></dt><dd><p>This controls what character is used as
    2585         the <span class="emphasis"><em>magic</em></span> character in <a class="indexterm" name="id285238"></a>name mangling. The
     2586        the <span class="emphasis"><em>magic</em></span> character in <a class="indexterm" name="id313935"></a>name mangling. The
    25862587        default is a '~' but this may interfere with some software. Use this option to set
    25872588        it to whatever you prefer. This is effective only when mangling method is hash.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>mangling char</code></em> = ~
     
    26162617        be quite annoying for shared source code, documents, etc...
    26172618        </p><p>
    2618         Note that this requires the <a class="indexterm" name="id285396"></a>create mask        parameter to be set such that owner
     2619        Note that this requires the <a class="indexterm" name="id314093"></a>create mask        parameter to be set such that owner
    26192620        execute bit is not masked out (i.e. it must include 100). See the parameter
    2620         <a class="indexterm" name="id285404"></a>create mask for details.
     2621        <a class="indexterm" name="id314101"></a>create mask for details.
    26212622        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>map archive</code></em> = yes
    26222623</em></span>
     
    26242625        This controls whether DOS style hidden files should be mapped to the UNIX world execute bit.
    26252626        </p><p>
    2626         Note that this requires the <a class="indexterm" name="id285449"></a>create mask to be set such that the world execute
    2627         bit is not masked out (i.e. it must include 001). See the parameter <a class="indexterm" name="id285457"></a>create mask
     2627        Note that this requires the <a class="indexterm" name="id314145"></a>create mask to be set such that the world execute
     2628        bit is not masked out (i.e. it must include 001). See the parameter <a class="indexterm" name="id314153"></a>create mask
    26282629        for details.
    26292630        </p><p><span class="emphasis"><em>No default</em></span></p></dd><dt><span class="term"><a name="MAPREADONLY"></a>map read only (S)</span></dt><dd><p>
     
    26312632        </p><p>
    26322633        This parameter can take three different values, which tell <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> how to display the read only attribute on files, where either
    2633         <a class="indexterm" name="id285503"></a>store dos attributes is set to <code class="constant">No</code>, or no extended attribute is
    2634         present. If <a class="indexterm" name="id285514"></a>store dos attributes is set to <code class="constant">yes</code> then this
     2634        <a class="indexterm" name="id314199"></a>store dos attributes is set to <code class="constant">No</code>, or no extended attribute is
     2635        present. If <a class="indexterm" name="id314210"></a>store dos attributes is set to <code class="constant">yes</code> then this
    26352636        parameter is <span class="emphasis"><em>ignored</em></span>. This is a new parameter introduced in Samba version 3.0.21.
    26362637        </p><p>The three settings are :</p><div class="itemizedlist"><ul type="disc"><li><p>
     
    26452646                </p></li><li><p>
    26462647                <code class="constant">No</code> - The read only DOS attribute is unaffected by permissions, and can only be set by
    2647                 the <a class="indexterm" name="id285570"></a>store dos attributes method. This may be useful for exporting mounted CDs.
     2648                the <a class="indexterm" name="id314267"></a>store dos attributes method. This may be useful for exporting mounted CDs.
    26482649                </p></li></ul></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>map read only</code></em> = yes
    26492650</em></span>
     
    26512652        This controls whether DOS style system files should be mapped to the UNIX group execute bit.
    26522653        </p><p>
    2653         Note that this requires the <a class="indexterm" name="id285616"></a>create mask        to be set such that the group
     2654        Note that this requires the <a class="indexterm" name="id314312"></a>create mask        to be set such that the group
    26542655        execute bit is not masked out (i.e. it must include 010). See the parameter
    2655         <a class="indexterm" name="id285624"></a>create mask for details.
     2656        <a class="indexterm" name="id314320"></a>create mask for details.
    26562657        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>map system</code></em> = no
    26572658</em></span>
    2658 </p></dd><dt><span class="term"><a name="MAPTOGUEST"></a>map to guest (G)</span></dt><dd><p>This parameter is only useful in <a class="indexterm" name="id285664"></a>SECURITY =
     2659</p></dd><dt><span class="term"><a name="MAPTOGUEST"></a>map to guest (G)</span></dt><dd><p>This parameter is only useful in <a class="indexterm" name="id314360"></a>SECURITY =
    26592660    security modes other than <em class="parameter"><code>security = share</code></em>
    26602661    and <em class="parameter"><code>security = server</code></em>
     
    26662667            logins with an invalid password are rejected, unless the username
    26672668            does not exist, in which case it is treated as a guest login and
    2668             mapped into the <a class="indexterm" name="id285728"></a>guest account.</p></li><li><p><code class="constant">Bad Password</code> - Means user logins
     2669            mapped into the <a class="indexterm" name="id314424"></a>guest account.</p></li><li><p><code class="constant">Bad Password</code> - Means user logins
    26692670            with an invalid password are treated as a guest login and mapped
    2670             into the <a class="indexterm" name="id285745"></a>guest account. Note that
     2671            into the <a class="indexterm" name="id314441"></a>guest account. Note that
    26712672            this can cause problems as it means that any user incorrectly typing
    26722673            their password will be silently logged on as "guest" - and
     
    27022703    will be refused if this number of connections to the service are already open. A value
    27032704    of zero mean an unlimited number of connections may be made.</p><p>Record lock files are used to implement this feature. The lock files will be stored in
    2704     the directory specified by the <a class="indexterm" name="id285871"></a>lock directory option.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>max connections</code></em> = 0
     2705    the directory specified by the <a class="indexterm" name="id314567"></a>lock directory option.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>max connections</code></em> = 0
    27052706</em></span>
    27062707</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>max connections</code></em> = 10
     
    27932794</em></span>
    27942795</p></dd><dt><span class="term"><a name="MAXWINSTTL"></a>max wins ttl (G)</span></dt><dd><p>This option tells <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> when acting as a WINS server
    2795         (<a class="indexterm" name="id286538"></a>wins support = yes) what the maximum
     2796        (<a class="indexterm" name="id315234"></a>wins support = yes) what the maximum
    27962797    'time to live' of NetBIOS names that <span><strong class="command">nmbd</strong></span>
    27972798    will grant will be (in seconds). You should never need to change this
     
    28542855</p></dd><dt><span class="term"><a name="MINPROTOCOL"></a>min protocol (G)</span></dt><dd><p>The value of the parameter (a string) is the
    28552856    lowest SMB protocol dialect than Samba will support.  Please refer
    2856     to the <a class="indexterm" name="id286860"></a>max protocol
     2857    to the <a class="indexterm" name="id315556"></a>max protocol
    28572858    parameter for a list of valid protocol names and a brief description
    28582859    of each.  You may also wish to refer to the C source code in
    28592860    <code class="filename">source/smbd/negprot.c</code> for a listing of known protocol
    28602861    dialects supported by clients.</p><p>If you are viewing this parameter as a security measure, you should
    2861     also refer to the <a class="indexterm" name="id286879"></a>lanman auth parameter.  Otherwise, you should never need
     2862    also refer to the <a class="indexterm" name="id315575"></a>lanman auth parameter.  Otherwise, you should never need
    28622863    to change this parameter.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>min protocol</code></em> = CORE
    28632864</em></span>
     
    28652866</em></span>
    28662867</p></dd><dt><span class="term"><a name="MINWINSTTL"></a>min wins ttl (G)</span></dt><dd><p>This option tells <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>
    2867     when acting as a WINS server (<a class="indexterm" name="id286939"></a>wins support = yes) what the minimum 'time to live'
     2868    when acting as a WINS server (<a class="indexterm" name="id315635"></a>wins support = yes) what the minimum 'time to live'
    28682869    of NetBIOS names that <span><strong class="command">nmbd</strong></span> will grant will be (in
    28692870    seconds). You should never need to change this parameter.  The default
     
    28752876        this share, they are redirected to the proxied share using
    28762877        the SMB-Dfs protocol.</p><p>Only Dfs roots can act as proxy shares. Take a look at the
    2877         <a class="indexterm" name="id286993"></a>msdfs root and <a class="indexterm" name="id287000"></a>host msdfs
     2878        <a class="indexterm" name="id315689"></a>msdfs root and <a class="indexterm" name="id315696"></a>host msdfs
    28782879        options to find out how to set up a Dfs root share.</p><p><span class="emphasis"><em>No default</em></span></p><p>Example: <span class="emphasis"><em><em class="parameter"><code>msdfs proxy</code></em> = \\otherserver\someshare
    28792880</em></span>
     
    29112912                _ldap._tcp.domain.
    29122913        </p></li><li><p><code class="constant">wins</code> : Query a name with
    2913             the IP address listed in the <a class="indexterm" name="id287191"></a>WINSSERVER parameter.  If no WINS server has
     2914            the IP address listed in the <a class="indexterm" name="id315887"></a>WINSSERVER parameter.  If no WINS server has
    29142915            been specified this method will be ignored.</p></li><li><p><code class="constant">bcast</code> : Do a broadcast on
    2915             each of the known local interfaces listed in the <a class="indexterm" name="id287208"></a>interfaces
     2916            each of the known local interfaces listed in the <a class="indexterm" name="id315904"></a>interfaces
    29162917            parameter. This is the least reliable of the name resolution
    29172918            methods as it depends on the target host being on a locally
     
    29652966        server. When Samba is returning the home share to the client, it
    29662967        will consult the NIS map specified in
    2967         <a class="indexterm" name="id287457"></a>homedir map and return the server
     2968        <a class="indexterm" name="id316157"></a>homedir map and return the server
    29682969        listed there.</p><p>Note that for this option to work there must be a working
    29692970        NIS system and the Samba server with this option must also
     
    30043005    default behavior is to use PAM for clear text authentication only
    30053006    and to ignore any account or session management.  Note that Samba
    3006     always ignores PAM for authentication in the case of <a class="indexterm" name="id287744"></a>encrypt passwords = yes.  The reason
     3007    always ignores PAM for authentication in the case of <a class="indexterm" name="id316444"></a>encrypt passwords = yes.  The reason
    30073008    is that PAM modules cannot support the challenge/response
    30083009    authentication mechanism needed in the presence of SMB password encryption.
     
    30153016    this parameter will force the server to only use the login
    30163017    names from the <em class="parameter"><code>user</code></em> list and is only really
    3017     useful in <a class="indexterm" name="id287800"></a>security = share level security.</p><p>Note that this also means Samba won't try to deduce
     3018    useful in <a class="indexterm" name="id316499"></a>security = share level security.</p><p>Note that this also means Samba won't try to deduce
    30183019    usernames from the service name. This can be annoying for
    30193020    the [homes] section. To get around this you could use <span><strong class="command">user =
     
    30633064        </p><p>
    30643065        Oplocks may be selectively turned off on certain files with a share. See
    3065         the <a class="indexterm" name="id288045"></a>veto oplock files parameter. On some systems
     3066        the <a class="indexterm" name="id316744"></a>veto oplock files parameter. On some systems
    30663067        oplocks are recognized by the underlying operating system. This
    30673068        allows data synchronization between all access to oplocked files,
    30683069        whether it be via Samba or NFS or a local UNIX process. See the
    3069         <a class="indexterm" name="id288054"></a>kernel oplocks parameter for details.
     3070        <a class="indexterm" name="id316753"></a>kernel oplocks parameter for details.
    30703071        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>oplocks</code></em> = yes
    30713072</em></span>
     
    30823083</p></dd><dt><span class="term"><a name="OSLEVEL"></a>os level (G)</span></dt><dd><p>
    30833084        This integer value controls what level Samba advertises itself as for browse elections. The value of this
    3084         parameter determines whether <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> has a chance of becoming a local master browser for the <a class="indexterm" name="id288157"></a>workgroup in the local broadcast area.
     3085        parameter determines whether <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> has a chance of becoming a local master browser for the <a class="indexterm" name="id316857"></a>workgroup in the local broadcast area.
    30853086</p><p><span class="emphasis"><em>
    30863087        Note :</em></span>By default, Samba will win a local master browsing election over all Microsoft operating
     
    30973098    flag for Samba.  If enabled, then PAM will be used for password
    30983099    changes when requested by an SMB client instead of the program listed in
    3099     <a class="indexterm" name="id288221"></a>passwd program.
     3100    <a class="indexterm" name="id316921"></a>passwd program.
    31003101    It should be possible to enable this without changing your
    3101     <a class="indexterm" name="id288229"></a>passwd chat parameter for most setups.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>pam password change</code></em> = no
     3102    <a class="indexterm" name="id316929"></a>passwd chat parameter for most setups.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>pam password change</code></em> = no
    31023103</em></span>
    31033104</p></dd><dt><span class="term"><a name="PANICACTION"></a>panic action (G)</span></dt><dd><p>This is a Samba developer option that allows a
     
    31253126                </p></li><li><p><span><strong class="command">tdbsam</strong></span> - The TDB based password storage
    31263127                backend.  Takes a path to the TDB as an optional argument (defaults to passdb.tdb
    3127                 in the <a class="indexterm" name="id288406"></a>private dir directory.</p></li><li><p><span><strong class="command">ldapsam</strong></span> - The LDAP based passdb
     3128                in the <a class="indexterm" name="id317106"></a>private dir directory.</p></li><li><p><span><strong class="command">ldapsam</strong></span> - The LDAP based passdb
    31283129                backend.  Takes an LDAP URL as an optional argument (defaults to
    31293130                <span><strong class="command">ldap://localhost</strong></span>)</p><p>LDAP connections should be secured where possible.  This may be done using either
    3130                 Start-TLS (see <a class="indexterm" name="id288435"></a>ldap ssl) or by
     3131                Start-TLS (see <a class="indexterm" name="id317135"></a>ldap ssl) or by
    31313132                specifying <em class="parameter"><code>ldaps://</code></em> in
    31323133                the URL argument. </p><p>Multiple servers may also be specified in double-quotes, if your
     
    31513152    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passdb expand explicit</code></em> = no
    31523153</em></span>
     3154</p></dd><dt><span class="term"><a name="PASSWDCHATDEBUG"></a>passwd chat debug (G)</span></dt><dd><p>This boolean specifies if the passwd chat script
     3155    parameter is run in <span class="emphasis"><em>debug</em></span> mode. In this mode the
     3156    strings passed to and received from the passwd chat are printed
     3157    in the <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> log with a
     3158    <a class="indexterm" name="id317245"></a>debug level
     3159    of 100. This is a dangerous option as it will allow plaintext passwords
     3160    to be seen in the <span><strong class="command">smbd</strong></span> log. It is available to help
     3161    Samba admins debug their <em class="parameter"><code>passwd chat</code></em> scripts
     3162    when calling the <em class="parameter"><code>passwd program</code></em> and should
     3163    be turned off after this has been done. This option has no effect if the
     3164    <a class="indexterm" name="id317272"></a>pam password change
     3165        paramter is set. This parameter is off by default.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passwd chat debug</code></em> = no
     3166</em></span>
     3167</p></dd><dt><span class="term"><a name="PASSWDCHATTIMEOUT"></a>passwd chat timeout (G)</span></dt><dd><p>This integer specifies the number of seconds smbd will wait for an initial
     3168    answer from a passwd chat script being run. Once the initial answer is received
     3169    the subsequent answers must be received in one tenth of this time. The default it
     3170    two seconds.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passwd chat timeout</code></em> = 2
     3171</em></span>
    31533172</p></dd><dt><span class="term"><a name="PASSWDCHAT"></a>passwd chat (G)</span></dt><dd><p>This string controls the <span class="emphasis"><em>"chat"</em></span>
    31543173    conversation that takes places between <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> and the local password changing
    31553174    program to change the user's password. The string describes a
    31563175    sequence of response-receive pairs that <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> uses to determine what to send to the
    3157     <a class="indexterm" name="id288553"></a>passwd program and what to expect back. If the expected output is not
     3176    <a class="indexterm" name="id317369"></a>passwd program and what to expect back. If the expected output is not
    31583177    received then the password is not changed.</p><p>This chat sequence is often quite site specific, depending
    31593178    on what local methods are used for password control (such as NIS
    3160     etc).</p><p>Note that this parameter only is only used if the <a class="indexterm" name="id288570"></a>unix password sync parameter is set  to <code class="constant">yes</code>. This sequence is
     3179    etc).</p><p>Note that this parameter only is only used if the <a class="indexterm" name="id317385"></a>unix password sync parameter is set  to <code class="constant">yes</code>. This sequence is
    31613180    then called <span class="emphasis"><em>AS ROOT</em></span> when the SMB password  in the
    31623181    smbpasswd file is being changed, without access to the old password
    31633182    cleartext. This means that root must be able to reset the user's password without
    31643183    knowing the text of the previous password. In the presence of
    3165     NIS/YP,  this means that the <a class="indexterm" name="id288586"></a>passwd program must
     3184    NIS/YP,  this means that the <a class="indexterm" name="id317402"></a>passwd program must
    31663185    be executed on the NIS master.
    31673186    </p><p>The string can contain the macro <em class="parameter"><code>%n</code></em> which is substituted
     
    31723191    in them into a single string.</p><p>If the send string in any part of the chat sequence  is a full
    31733192    stop ".",  then no string is sent. Similarly,  if the
    3174     expect string is a full stop then no string is expected.</p><p>If the <a class="indexterm" name="id288614"></a>pam password change parameter is set to <code class="constant">yes</code>, the
     3193    expect string is a full stop then no string is expected.</p><p>If the <a class="indexterm" name="id317430"></a>pam password change parameter is set to <code class="constant">yes</code>, the
    31753194        chat pairs may be matched in any order, and success is determined by the PAM result, not any particular
    31763195        output. The \n macro is ignored for PAM conversions.
     
    31783197</em></span>
    31793198</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>passwd chat</code></em> = "*Enter OLD password*" %o\n "*Enter NEW password*" %n\n "*Reenter NEW password*" %n\n "*Password changed*"
    3180 </em></span>
    3181 </p></dd><dt><span class="term"><a name="PASSWDCHATDEBUG"></a>passwd chat debug (G)</span></dt><dd><p>This boolean specifies if the passwd chat script
    3182     parameter is run in <span class="emphasis"><em>debug</em></span> mode. In this mode the
    3183     strings passed to and received from the passwd chat are printed
    3184     in the <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> log with a
    3185     <a class="indexterm" name="id288686"></a>debug level
    3186     of 100. This is a dangerous option as it will allow plaintext passwords
    3187     to be seen in the <span><strong class="command">smbd</strong></span> log. It is available to help
    3188     Samba admins debug their <em class="parameter"><code>passwd chat</code></em> scripts
    3189     when calling the <em class="parameter"><code>passwd program</code></em> and should
    3190     be turned off after this has been done. This option has no effect if the
    3191     <a class="indexterm" name="id288713"></a>pam password change
    3192         paramter is set. This parameter is off by default.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passwd chat debug</code></em> = no
    3193 </em></span>
    3194 </p></dd><dt><span class="term"><a name="PASSWDCHATTIMEOUT"></a>passwd chat timeout (G)</span></dt><dd><p>This integer specifies the number of seconds smbd will wait for an initial
    3195     answer from a passwd chat script being run. Once the initial answer is received
    3196     the subsequent answers must be received in one tenth of this time. The default it
    3197     two seconds.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>passwd chat timeout</code></em> = 2
    31983199</em></span>
    31993200</p></dd><dt><span class="term"><a name="PASSWDPROGRAM"></a>passwd program (G)</span></dt><dd><p>The name of a program that can be used to set
     
    32363237    made - the password as is and the password in all-lower case.</p><p>This parameter is used only when using plain-text passwords. It is
    32373238    not at all used when encrypted passwords as in use (that is the default
    3238     since samba-3.0.0). Use this only when <a class="indexterm" name="id288957"></a>encrypt passwords = No.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>password level</code></em> = 0
     3239    since samba-3.0.0). Use this only when <a class="indexterm" name="id317661"></a>encrypt passwords = No.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>password level</code></em> = 0
    32393240</em></span>
    32403241</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>password level</code></em> = 4
     
    32523253    have no effect on password servers for Windows NT 4.0 domains or netbios
    32533254    connections.</p><p>If parameter is a name, it is looked up using the
    3254     parameter <a class="indexterm" name="id289029"></a>name resolve order and so may resolved
     3255    parameter <a class="indexterm" name="id317733"></a>name resolve order and so may resolved
    32553256    by any method and order described in that parameter.</p><p>The password server must be a machine capable of using
    32563257    the "LM1.2X002" or the "NT LM 0.12" protocol, and it must be in
     
    33143315        will be replaced by the NetBIOS name of the machine they are
    33153316        connecting from. These replacements are very useful for setting
    3316         up pseudo home directories for users.</p><p>Note that this path will be based on <a class="indexterm" name="id289313"></a>root dir
     3317        up pseudo home directories for users.</p><p>Note that this path will be based on <a class="indexterm" name="id318016"></a>root dir
    33173318         if one was specified.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>path</code></em> =
    33183319</em></span>
     
    33413342</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>postexec</code></em> = echo \"%u disconnected from %S from %m (%I)\" &gt;&gt; /tmp/log
    33423343</em></span>
     3344</p></dd><dt><span class="term"><a name="PREEXECCLOSE"></a>preexec close (S)</span></dt><dd><p>
     3345        This boolean option controls whether a non-zero return code from <a class="indexterm" name="id318215"></a>preexec
     3346        should close the service being connected to.
     3347        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preexec close</code></em> = no
     3348</em></span>
    33433349</p></dd><dt><span class="term"><a name="EXEC"></a>exec</span></dt><dd><p>This parameter is a synonym for preexec.</p></dd><dt><span class="term"><a name="PREEXEC"></a>preexec (S)</span></dt><dd><p>This option specifies a command to be run whenever
    33443350        the service is connected to. It takes the usual substitutions.</p><p>An interesting example is to send the users a welcome
     
    33483354        /usr/local/samba/bin/smbclient -M %m -I %I' &amp; </strong></span>
    33493355        </p><p>Of course, this could get annoying after a while :-)</p><p>
    3350         See also <a class="indexterm" name="id289554"></a>preexec close and <a class="indexterm" name="id289562"></a>postexec.
     3356        See also <a class="indexterm" name="id318299"></a>preexec close and <a class="indexterm" name="id318306"></a>postexec.
    33513357        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preexec</code></em> =
    33523358</em></span>
    33533359</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preexec</code></em> = echo \"%u connected to %S from %m (%I)\" &gt;&gt; /tmp/log
    3354 </em></span>
    3355 </p></dd><dt><span class="term"><a name="PREEXECCLOSE"></a>preexec close (S)</span></dt><dd><p>
    3356         This boolean option controls whether a non-zero return code from <a class="indexterm" name="id289614"></a>preexec
    3357         should close the service being connected to.
    3358         </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preexec close</code></em> = no
    33593360</em></span>
    33603361</p></dd><dt><span class="term"><a name="PREFEREDMASTER"></a>prefered master</span></dt><dd><p>This parameter is a synonym for preferred master.</p></dd><dt><span class="term"><a name="PREFERREDMASTER"></a>preferred master (G)</span></dt><dd><p>
     
    33633364        If this is set to <code class="constant">yes</code>, on startup, <span><strong class="command">nmbd</strong></span> will force
    33643365        an election, and it will have a slight advantage in winning the election.  It is recommended that this
    3365         parameter is used in conjunction with <a class="indexterm" name="id289698"></a>domain master = yes, so that
     3366        parameter is used in conjunction with <a class="indexterm" name="id318402"></a>domain master = yes, so that
    33663367        <span><strong class="command">nmbd</strong></span> can guarantee becoming a domain master.
    33673368        </p><p>
     
    33723373        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preferred master</code></em> = auto
    33733374</em></span>
     3375</p></dd><dt><span class="term"><a name="PRELOADMODULES"></a>preload modules (G)</span></dt><dd><p>This is a list of paths to modules that should
     3376        be loaded into smbd before a client connects. This improves
     3377        the speed of smbd when reacting to new connections somewhat. </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preload modules</code></em> =
     3378</em></span>
     3379</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preload modules</code></em> = /usr/lib/samba/passdb/mysql.so
     3380</em></span>
    33743381</p></dd><dt><span class="term"><a name="AUTOSERVICES"></a>auto services</span></dt><dd><p>This parameter is a synonym for preload.</p></dd><dt><span class="term"><a name="PRELOAD"></a>preload (G)</span></dt><dd><p>This is a list of services that you want to be
    33753382        automatically added to the browse lists. This is most useful
     
    33773384        visible.</p><p>
    33783385        Note that if you just want all printers in your
    3379         printcap file loaded then the <a class="indexterm" name="id289778"></a>load printers
     3386        printcap file loaded then the <a class="indexterm" name="id318527"></a>load printers
    33803387         option is easier.
    33813388        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preload</code></em> =
     
    33833390</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preload</code></em> = fred lp colorlp
    33843391</em></span>
    3385 </p></dd><dt><span class="term"><a name="PRELOADMODULES"></a>preload modules (G)</span></dt><dd><p>This is a list of paths to modules that should
    3386         be loaded into smbd before a client connects. This improves
    3387         the speed of smbd when reacting to new connections somewhat. </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>preload modules</code></em> =
    3388 </em></span>
    3389 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>preload modules</code></em> = /usr/lib/samba/passdb/mysql.so
    3390 </em></span>
    33913392</p></dd><dt><span class="term"><a name="PRESERVECASE"></a>preserve case (S)</span></dt><dd><p>
    33923393        This controls if new filenames are created with the case that the client passes, or if
    3393         they are forced to be the <a class="indexterm" name="id289876"></a>default case.
     3394        they are forced to be the <a class="indexterm" name="id318580"></a>default case.
    33943395        </p><p>
    33953396        See the section on <a href="#NAMEMANGLINGSECT" title="NAME MANGLING">NAME MANGLING</a> for a fuller discussion.
     
    34003401    specified for the service. </p><p>Note that a printable service will ALWAYS allow writing
    34013402    to the service path (user privileges permitting) via the spooling
    3402     of print data. The <a class="indexterm" name="id290060"></a>read only parameter controls only non-printing access to
     3403    of print data. The <a class="indexterm" name="id318764"></a>read only parameter controls only non-printing access to
    34033404    the resource.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>printable</code></em> = no
    34043405</em></span>
     
    34183419        </p><p>
    34193420        To use the CUPS printing interface set <span><strong class="command">printcap name = cups </strong></span>. This should
    3420         be supplemented by an addtional setting <a class="indexterm" name="id290198"></a>printing = cups in the [global]
     3421        be supplemented by an addtional setting <a class="indexterm" name="id318902"></a>printing = cups in the [global]
    34213422        section.  <span><strong class="command">printcap name = cups</strong></span> will use the  "dummy" printcap
    34223423        created by CUPS, as specified in your CUPS configuration file.
     
    34713472    be created but not processed and (most importantly) not removed.</p><p>Note that printing may fail on some UNIXes from the
    34723473    <code class="constant">nobody</code> account. If this happens then create
    3473     an alternative guest account that can print and set the <a class="indexterm" name="id290410"></a>guest account
     3474    an alternative guest account that can print and set the <a class="indexterm" name="id319114"></a>guest account
    34743475    in the [global] section.</p><p>You can form quite complex print commands by realizing
    34753476    that they are just passed to a shell. For example the following
     
    34783479    /tmp/print.log; lpr -P %p %s; rm %s</strong></span></p><p>You may have to vary this command considerably depending
    34793480    on how you normally print files on your system. The default for
    3480     the parameter varies depending on the setting of the <a class="indexterm" name="id290437"></a>printing
     3481    the parameter varies depending on the setting of the <a class="indexterm" name="id319140"></a>printing
    34813482        parameter.</p><p>Default: For <span><strong class="command">printing = BSD, AIX, QNX, LPRNG
    34823483    or PLP :</strong></span></p><p><span><strong class="command">print command = lpr -r -P%p %s</strong></span></p><p>For <span><strong class="command">printing = SYSV or HPUX :</strong></span></p><p><span><strong class="command">print command = lp -c -d%p %s; rm %s</strong></span></p><p>For <span><strong class="command">printing = SOFTQ :</strong></span></p><p><span><strong class="command">print command = lp -d%p -s %s; rm %s</strong></span></p><p>For printing = CUPS :   If SAMBA is compiled against
    3483     libcups, then <a class="indexterm" name="id290493"></a>printcap = cups
     3484    libcups, then <a class="indexterm" name="id319197"></a>printcap = cups
    34843485    uses the CUPS API to
    34853486    submit jobs, etc.  Otherwise it maps to the System V
     
    35133514        does not have its own printer name specified.
    35143515        </p><p>
    3515         The default value of the <a class="indexterm" name="id290634"></a>printer name may be <code class="literal">lp</code> on many
     3516        The default value of the <a class="indexterm" name="id319338"></a>printer name may be <code class="literal">lp</code> on many
    35163517        systems.
    35173518        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>printer name</code></em> = none
     
    35863587    executed on the server host in order to resume the printer queue. It
    35873588    is the command to undo the behavior that is caused by the
    3588     previous parameter (<a class="indexterm" name="id291026"></a>queuepause command).</p><p>This command should be a program or script which takes
     3589    previous parameter (<a class="indexterm" name="id319730"></a>queuepause command).</p><p>This command should be a program or script which takes
    35893590    a printer name as its only parameter and resumes the printer queue,
    35903591    such that queued jobs are resubmitted to the printer.</p><p>This command is not supported by Windows for Workgroups,
     
    36063607</p></dd><dt><span class="term"><a name="READLIST"></a>read list (S)</span></dt><dd><p>
    36073608        This is a list of users that are given read-only access to a service. If the connecting user is in this list
    3608         then they will not be given write access, no matter what the <a class="indexterm" name="id291148"></a>read only option is set
    3609         to. The list can include group names using the syntax described in the <a class="indexterm" name="id291156"></a>invalid users
     3609        then they will not be given write access, no matter what the <a class="indexterm" name="id319852"></a>read only option is set
     3610        to. The list can include group names using the syntax described in the <a class="indexterm" name="id319860"></a>invalid users
    36103611        parameter.
    3611         </p><p>This parameter will not work with the <a class="indexterm" name="id291167"></a>security = share in
     3612        </p><p>This parameter will not work with the <a class="indexterm" name="id319871"></a>security = share in
    36123613    Samba 3.0.  This is by design.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>read list</code></em> =
    36133614</em></span>
    36143615</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>read list</code></em> = mary, @students
    36153616</em></span>
    3616 </p></dd><dt><span class="term"><a name="READONLY"></a>read only (S)</span></dt><dd><p>An inverted synonym is <a class="indexterm" name="id291218"></a>writeable.</p><p>If this parameter is <code class="constant">yes</code>, then users
     3617</p></dd><dt><span class="term"><a name="READONLY"></a>read only (S)</span></dt><dd><p>An inverted synonym is <a class="indexterm" name="id319922"></a>writeable.</p><p>If this parameter is <code class="constant">yes</code>, then users
    36173618    of a service may not create or modify files in the service's
    36183619    directory.</p><p>Note that a printable service (<span><strong class="command">printable = yes</strong></span>)
     
    36503651        the above line would cause <span><strong class="command">nmbd</strong></span> to announce itself
    36513652        to the two given IP addresses using the given workgroup names. If you leave out the
    3652         workgroup name then the one given in the <a class="indexterm" name="id291416"></a>workgroup parameter
     3653        workgroup name then the one given in the <a class="indexterm" name="id320120"></a>workgroup parameter
    36533654        is used instead.
    36543655        </p><p>
     
    36873688        is in fact the browse master on its segment.
    36883689        </p><p>
    3689         The <a class="indexterm" name="id291514"></a>remote browse sync may be used on networks
     3690        The <a class="indexterm" name="id320218"></a>remote browse sync may be used on networks
    36903691        where there is no WINS server, and may be used on disjoint networks where
    36913692        each network has its own WINS server.
     
    37493750        </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>
    37503751    The security advantage of using restrict anonymous = 2 is removed
    3751     by setting <a class="indexterm" name="id291687"></a>guest ok = yes on any share.
     3752    by setting <a class="indexterm" name="id320391"></a>guest ok = yes on any share.
    37523753        </p></div><p>Default: <span class="emphasis"><em><em class="parameter"><code>restrict anonymous</code></em> = 0
    37533754</em></span>
     
    37593760    parts of the filesystem, or attempts to use ".." in file names
    37603761    to access other directories (depending on the setting of the
    3761         <a class="indexterm" name="id291780"></a>wide smbconfoptions parameter).
     3762        <a class="indexterm" name="id320484"></a>wide smbconfoptions parameter).
    37623763    </p><p>Adding a <em class="parameter"><code>root directory</code></em> entry other
    37633764    than "/" adds an extra level of security, but at a price. It
     
    37813782        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root postexec</code></em> =
    37823783</em></span>
     3784</p></dd><dt><span class="term"><a name="ROOTPREEXECCLOSE"></a>root preexec close (S)</span></dt><dd><p>This is the same as the <em class="parameter"><code>preexec close
     3785        </code></em> parameter except that the command is run as root.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root preexec close</code></em> = no
     3786</em></span>
    37833787</p></dd><dt><span class="term"><a name="ROOTPREEXEC"></a>root preexec (S)</span></dt><dd><p>
    37843788        This is the same as the <em class="parameter"><code>preexec</code></em>
     
    37873791        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root preexec</code></em> =
    37883792</em></span>
    3789 </p></dd><dt><span class="term"><a name="ROOTPREEXECCLOSE"></a>root preexec close (S)</span></dt><dd><p>This is the same as the <em class="parameter"><code>preexec close
    3790         </code></em> parameter except that the command is run as root.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>root preexec close</code></em> = no
     3793</p></dd><dt><span class="term"><a name="SECURITYMASK"></a>security mask (S)</span></dt><dd><p>
     3794        This parameter controls what UNIX permission bits can be modified when a Windows NT client is manipulating the
     3795        UNIX permission on a file using the native NT security dialog box.
     3796        </p><p>
     3797        This parameter is applied as a mask (AND'ed with) to the changed permission bits, thus preventing any bits not
     3798        in this mask from being modified.  Make sure not to mix up this parameter with <a class="indexterm" name="id320698"></a>force  security mode, which works in a manner similar to this one but uses a logical OR instead of an AND.
     3799        </p><p>
     3800        Essentially, zero bits in this mask may be treated as a set of bits the user is not allowed to change.
     3801        </p><p>
     3802        If not set explicitly this parameter is 0777, allowing a user to modify all the user/group/world permissions on a file.
     3803    </p><p><span class="emphasis"><em>
     3804        Note</em></span> that users who can access the Samba server through other means can easily bypass this
     3805    restriction, so it is primarily useful for standalone "appliance" systems.  Administrators of
     3806        most normal systems will probably want to leave it set to <code class="constant">0777</code>.
     3807        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>security mask</code></em> = 0777
     3808</em></span>
     3809</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>security mask</code></em> = 0770
    37913810</em></span>
    37923811</p></dd><dt><span class="term"><a name="SECURITY"></a>security (G)</span></dt><dd><p>This option affects how clients respond to
     
    38033822    the only option at one stage.</p><p>There is a bug in WfWg that has relevance to this
    38043823    setting. When in user or server level security a WfWg client
    3805     will totally ignore the password you type in the "connect
     3824    will totally ignore the username and password you type in the "connect
    38063825    drive" dialog box. This makes it very difficult (if not impossible)
    38073826    to connect to a Samba service as anyone except the user that
     
    38143833    is commonly used for a shared printer server. It is more difficult
    38153834    to setup guest shares with <span><strong class="command">security = user</strong></span>, see
    3816     the <a class="indexterm" name="id292089"></a>map to guestparameter for details.</p><p>It is possible to use <span><strong class="command">smbd</strong></span> in a <span class="emphasis"><em>
     3835    the <a class="indexterm" name="id320872"></a>map to guestparameter for details.</p><p>It is possible to use <span><strong class="command">smbd</strong></span> in a <span class="emphasis"><em>
    38173836    hybrid mode</em></span> where it is offers both user and share
    3818     level security under different <a class="indexterm" name="id292110"></a>NetBIOS aliases. </p><p>The different settings will now be explained.</p><p><a name="SECURITYEQUALSSHARE"></a><span class="emphasis"><em>SECURITY = SHARE</em></span></p><p>When clients connect to a share level security server they
     3837    level security under different <a class="indexterm" name="id320893"></a>NetBIOS aliases. </p><p>The different settings will now be explained.</p><p><a name="SECURITYEQUALSSHARE"></a><span class="emphasis"><em>SECURITY = SHARE</em></span></p><p>When clients connect to a share level security server they
    38193838    need not log onto the server with a valid username and password before
    38203839    attempting to connect to a shared resource (although modern clients
     
    38293848    techniques to determine the correct UNIX user to use on behalf
    38303849    of the client.</p><p>A list of possible UNIX usernames to match with the given
    3831     client password is constructed using the following methods :</p><div class="itemizedlist"><ul type="disc"><li><p>If the <a class="indexterm" name="id292185"></a>guest only parameter is set, then all the other
    3832             stages are missed and only the <a class="indexterm" name="id292193"></a>guest account username is checked.
     3850    client password is constructed using the following methods :</p><div class="itemizedlist"><ul type="disc"><li><p>If the <a class="indexterm" name="id320968"></a>guest only parameter is set, then all the other
     3851            stages are missed and only the <a class="indexterm" name="id320976"></a>guest account username is checked.
    38333852            </p></li><li><p>Is a username is sent with the share connection
    3834             request, then this username (after mapping - see <a class="indexterm" name="id292208"></a>username map),
     3853            request, then this username (after mapping - see <a class="indexterm" name="id320990"></a>username map),
    38353854            is added as a potential username.
    38363855            </p></li><li><p>If the client did a previous <span class="emphasis"><em>logon
     
    38413860            </p></li><li><p>The NetBIOS name of the client is added to
    38423861            the list as a potential username.
    3843             </p></li><li><p>Any users on the <a class="indexterm" name="id292248"></a>user list are added as potential usernames.
     3862            </p></li><li><p>Any users on the <a class="indexterm" name="id321030"></a>user list are added as potential usernames.
    38443863            </p></li></ul></div><p>If the <em class="parameter"><code>guest only</code></em> parameter is
    38453864    not set, then this list is then tried with the supplied password.
     
    38533872    NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p><a name="SECURITYEQUALSUSER"></a><span class="emphasis"><em>SECURITY = USER</em></span></p><p>This is the default security setting in Samba 3.0.
    38543873    With user-level security a client must first "log-on" with a
    3855     valid username and password (which can be mapped using the <a class="indexterm" name="id292317"></a>username map
    3856     parameter). Encrypted passwords (see the <a class="indexterm" name="id292325"></a>encrypted passwords parameter) can also
    3857     be used in this security mode. Parameters such as <a class="indexterm" name="id292332"></a>user and <a class="indexterm" name="id292340"></a>guest only if set      are then applied and
     3874    valid username and password (which can be mapped using the <a class="indexterm" name="id321100"></a>username map
     3875    parameter). Encrypted passwords (see the <a class="indexterm" name="id321107"></a>encrypted passwords parameter) can also
     3876    be used in this security mode. Parameters such as <a class="indexterm" name="id321115"></a>user and <a class="indexterm" name="id321122"></a>guest only if set      are then applied and
    38583877    may change the UNIX user to use on this connection, but only after
    38593878    the user has been successfully authenticated.</p><p><span class="emphasis"><em>Note</em></span> that the name of the resource being
     
    38613880    the server has successfully authenticated the client. This is why
    38623881    guest shares don't work in user level security without allowing
    3863     the server to automatically map unknown users into the <a class="indexterm" name="id292359"></a>guest account.
    3864     See the <a class="indexterm" name="id292366"></a>map to guest parameter for details on doing this.</p><p>See also the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p><a name="SECURITYEQUALSDOMAIN"></a><span class="emphasis"><em>SECURITY = DOMAIN</em></span></p><p>This mode will only work correctly if <a href="net.8.html"><span class="citerefentry"><span class="refentrytitle">net</span>(8)</span></a> has been used to add this
    3865     machine into a Windows NT Domain. It expects the <a class="indexterm" name="id292405"></a>encrypted passwords
     3882    the server to automatically map unknown users into the <a class="indexterm" name="id321142"></a>guest account.
     3883    See the <a class="indexterm" name="id321149"></a>map to guest parameter for details on doing this.</p><p>See also the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p><a name="SECURITYEQUALSDOMAIN"></a><span class="emphasis"><em>SECURITY = DOMAIN</em></span></p><p>This mode will only work correctly if <a href="net.8.html"><span class="citerefentry"><span class="refentrytitle">net</span>(8)</span></a> has been used to add this
     3884    machine into a Windows NT Domain. It expects the <a class="indexterm" name="id321187"></a>encrypted passwords
    38663885        parameter to be set to <code class="constant">yes</code>. In this
    38673886    mode Samba will try to validate the username/password by passing
     
    38773896    the server has successfully authenticated the client. This is why
    38783897    guest shares don't work in user level security without allowing
    3879     the server to automatically map unknown users into the <a class="indexterm" name="id292455"></a>guest account.
    3880     See the <a class="indexterm" name="id292462"></a>map to guest parameter for details on doing this.</p><p>See also the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">
    3881     NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p>See also the <a class="indexterm" name="id292483"></a>password server parameter and
    3882          the <a class="indexterm" name="id292490"></a>encrypted passwords parameter.</p><p><a name="SECURITYEQUALSSERVER"></a><span class="emphasis"><em>SECURITY = SERVER</em></span></p><p>
     3898    the server to automatically map unknown users into the <a class="indexterm" name="id321237"></a>guest account.
     3899    See the <a class="indexterm" name="id321245"></a>map to guest parameter for details on doing this.</p><p>See also the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">
     3900    NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p>See also the <a class="indexterm" name="id321266"></a>password server parameter and
     3901         the <a class="indexterm" name="id321273"></a>encrypted passwords parameter.</p><p><a name="SECURITYEQUALSSERVER"></a><span class="emphasis"><em>SECURITY = SERVER</em></span></p><p>
    38833902        In this mode Samba will try to validate the username/password by passing it to another SMB server, such as an
    38843903        NT box. If this fails it will revert to <span><strong class="command">security = user</strong></span>. It expects the
    3885         <a class="indexterm" name="id292517"></a>encrypted passwords parameter to be set to <code class="constant">yes</code>, unless the remote
     3904        <a class="indexterm" name="id321300"></a>encrypted passwords parameter to be set to <code class="constant">yes</code>, unless the remote
    38863905        server does not support them.  However note that if encrypted passwords have been negotiated then Samba cannot
    38873906        revert back to checking the UNIX password file, it must have a valid <code class="filename">smbpasswd</code> file to check users against. See the chapter about the User Database in
     
    39033922    the server has successfully authenticated the client. This is why
    39043923    guest shares don't work in user level security without allowing
    3905     the server to automatically map unknown users into the <a class="indexterm" name="id292579"></a>guest account.
    3906     See the <a class="indexterm" name="id292586"></a>map to guest parameter for details on doing this.</p><p>See also the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">
    3907     NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p>See also the <a class="indexterm" name="id292607"></a>password server parameter and the
    3908         <a class="indexterm" name="id292614"></a>encrypted passwords parameter.</p><p><a name="SECURITYEQUALSADS"></a><span class="emphasis"><em>SECURITY = ADS</em></span></p><p>In this mode, Samba will act as a domain member in an ADS realm. To operate
     3924    the server to automatically map unknown users into the <a class="indexterm" name="id321357"></a>guest account.
     3925    See the <a class="indexterm" name="id321364"></a>map to guest parameter for details on doing this.</p><p>See also the section <a href="#VALIDATIONSECT" title="NOTE ABOUT USERNAME/PASSWORD VALIDATION">
     3926    NOTE ABOUT USERNAME/PASSWORD VALIDATION</a>.</p><p>See also the <a class="indexterm" name="id321385"></a>password server parameter and the
     3927        <a class="indexterm" name="id321393"></a>encrypted passwords parameter.</p><p><a name="SECURITYEQUALSADS"></a><span class="emphasis"><em>SECURITY = ADS</em></span></p><p>In this mode, Samba will act as a domain member in an ADS realm. To operate
    39093928                in this mode, the machine running Samba will need to have Kerberos installed
    39103929                and configured and Samba will need to be joined to the ADS realm using the
     
    39143933</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>security</code></em> = DOMAIN
    39153934</em></span>
    3916 </p></dd><dt><span class="term"><a name="SECURITYMASK"></a>security mask (S)</span></dt><dd><p>
    3917         This parameter controls what UNIX permission bits can be modified when a Windows NT client is manipulating the
    3918         UNIX permission on a file using the native NT security dialog box.
    3919         </p><p>
    3920         This parameter is applied as a mask (AND'ed with) to the changed permission bits, thus preventing any bits not
    3921         in this mask from being modified.  Make sure not to mix up this parameter with <a class="indexterm" name="id292695"></a>force  security mode, which works in a manner similar to this one but uses a logical OR instead of an AND.
    3922         </p><p>
    3923         Essentially, zero bits in this mask may be treated as a set of bits the user is not allowed to change.
    3924         </p><p>
    3925         If not set explicitly this parameter is 0777, allowing a user to modify all the user/group/world permissions on a file.
    3926     </p><p><span class="emphasis"><em>
    3927         Note</em></span> that users who can access the Samba server through other means can easily bypass this
    3928     restriction, so it is primarily useful for standalone "appliance" systems.  Administrators of
    3929         most normal systems will probably want to leave it set to <code class="constant">0777</code>.
    3930         </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>security mask</code></em> = 0777
    3931 </em></span>
    3932 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>security mask</code></em> = 0770
    3933 </em></span>
    39343935</p></dd><dt><span class="term"><a name="SERVERSCHANNEL"></a>server schannel (G)</span></dt><dd><p>
    39353936        This controls whether the server offers or even demands the use of the netlogon schannel.
    3936         <a class="indexterm" name="id292768"></a>server schannel = no does not offer the schannel, <a class="indexterm" name="id292776"></a>server schannel = auto offers the schannel but does not enforce it, and <a class="indexterm" name="id292783"></a>server schannel = yes denies access if the client is not able to speak netlogon schannel.
     3937        <a class="indexterm" name="id321468"></a>server schannel = no does not offer the schannel, <a class="indexterm" name="id321475"></a>server schannel = auto offers the schannel but does not enforce it, and <a class="indexterm" name="id321483"></a>server schannel = yes denies access if the client is not able to speak netlogon schannel.
    39373938        This is only the case for Windows NT4 before SP4.
    39383939        </p><p>
     
    40074008</p></dd><dt><span class="term"><a name="SHORTPRESERVECASE"></a>short preserve case (S)</span></dt><dd><p>
    40084009        This boolean parameter controls if new files which conform to 8.3 syntax, that is all in upper case and of
    4009         suitable length, are created upper case, or if they are forced to be the <a class="indexterm" name="id293318"></a>default case.
    4010         This  option can be use with <a class="indexterm" name="id293325"></a>preserve case = yes to permit long filenames
     4010        suitable length, are created upper case, or if they are forced to be the <a class="indexterm" name="id322017"></a>default case.
     4011        This  option can be use with <a class="indexterm" name="id322025"></a>preserve case = yes to permit long filenames
    40114012        to retain their case, while short names are lowered.
    40124013        </p><p>See the section on <a href="#NAMEMANGLINGSECT" title="NAME MANGLING">NAME MANGLING</a>.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>short preserve case</code></em> = yes
     
    41084109        If this parameter is set Samba attempts to first read DOS attributes (SYSTEM, HIDDEN, ARCHIVE or
    41094110        READ-ONLY) from a filesystem extended attribute, before mapping DOS attributes to UNIX permission bits (such
    4110         as occurs with <a class="indexterm" name="id293927"></a>map hidden and <a class="indexterm" name="id293934"></a>map readonly).  When set, DOS
     4111        as occurs with <a class="indexterm" name="id322627"></a>map hidden and <a class="indexterm" name="id322634"></a>map readonly).  When set, DOS
    41114112        attributes will be stored onto an extended attribute in the UNIX filesystem, associated with the file or
    4112         directory.  For no other mapping to occur as a fall-back, the parameters <a class="indexterm" name="id293943"></a>map hidden,
    4113         <a class="indexterm" name="id293950"></a>map system, <a class="indexterm" name="id293957"></a>map archive and <a class="indexterm" name="id293964"></a>map  readonly must be set to off.  This parameter writes the DOS attributes as a string into the extended
     4113        directory.  For no other mapping to occur as a fall-back, the parameters <a class="indexterm" name="id322642"></a>map hidden,
     4114        <a class="indexterm" name="id322649"></a>map system, <a class="indexterm" name="id322656"></a>map archive and <a class="indexterm" name="id322664"></a>map  readonly must be set to off.  This parameter writes the DOS attributes as a string into the extended
    41144115        attribute named "user.DOSATTRIB". This extended attribute is explicitly hidden from smbd clients requesting an
    41154116        EA list. On Linux the filesystem must have been mounted with the mount option user_xattr in order for
     
    41834184    any affect.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>sync always</code></em> = no
    41844185</em></span>
     4186</p></dd><dt><span class="term"><a name="SYSLOGONLY"></a>syslog only (G)</span></dt><dd><p>
     4187    If this parameter is set then Samba debug messages are logged into the system
     4188    syslog only, and not to the debug log files.
     4189    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>syslog only</code></em> = no
     4190</em></span>
    41854191</p></dd><dt><span class="term"><a name="SYSLOG"></a>syslog (G)</span></dt><dd><p>
    41864192    This parameter maps how Samba debug messages are logged onto the system syslog logging levels.
     
    41934199    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>syslog</code></em> = 1
    41944200</em></span>
    4195 </p></dd><dt><span class="term"><a name="SYSLOGONLY"></a>syslog only (G)</span></dt><dd><p>
    4196     If this parameter is set then Samba debug messages are logged into the system
    4197     syslog only, and not to the debug log files.
    4198     </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>syslog only</code></em> = no
    4199 </em></span>
    42004201</p></dd><dt><span class="term"><a name="TEMPLATEHOMEDIR"></a>template homedir (G)</span></dt><dd><p>When filling out the user information for a Windows NT
    42014202        user, the <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon  uses this
     
    42534254        in the smbpasswd file this parameter should be set to <code class="constant">no</code>.
    42544255        </p><p>
    4255         In order for this parameter to be operative the <a class="indexterm" name="id294723"></a>encrypt passwords parameter must
    4256     be set to <code class="constant">no</code>. The default value of <a class="indexterm" name="id294734"></a>encrypt  passwords = Yes. Note: This must be set to <code class="constant">no</code> for this <a class="indexterm" name="id294745"></a>update encrypted to work.
     4256        In order for this parameter to be operative the <a class="indexterm" name="id323423"></a>encrypt passwords parameter must
     4257    be set to <code class="constant">no</code>. The default value of <a class="indexterm" name="id323434"></a>encrypt  passwords = Yes. Note: This must be set to <code class="constant">no</code> for this <a class="indexterm" name="id323445"></a>update encrypted to work.
    42574258        </p><p>
    42584259        Note that even when this parameter is set a user authenticating to <span><strong class="command">smbd</strong></span>
     
    43074308    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use mmap</code></em> = yes
    43084309</em></span>
     4310</p></dd><dt><span class="term"><a name="USERNAMELEVEL"></a>username level (G)</span></dt><dd><p>This option helps Samba to try and 'guess' at
     4311    the real UNIX username, as many DOS clients send an all-uppercase
     4312    username. By default Samba tries all lowercase, followed by the
     4313    username with the first letter capitalized, and fails if the
     4314    username is not found on the UNIX machine.</p><p>If this parameter is set to non-zero the behavior changes.
     4315    This parameter is a number that specifies the number of uppercase
     4316    combinations to try while trying to determine the UNIX user name. The
     4317    higher the number the more combinations will be tried, but the slower
     4318    the discovery of usernames will be. Use this parameter when you have
     4319    strange usernames on your UNIX machine, such as <code class="constant">AstrangeUser
     4320    </code>.</p><p>This parameter is needed only on UNIX systems that have case
     4321    sensitive usernames.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>username level</code></em> = 0
     4322</em></span>
     4323</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username level</code></em> = 5
     4324</em></span>
     4325</p></dd><dt><span class="term"><a name="USERNAMEMAPSCRIPT"></a>username map script (G)</span></dt><dd><p>This script is a mutually exclusive alternative to the
     4326        <a class="indexterm" name="id323716"></a>username map parameter.  This parameter
     4327        specifies and external program or script that must accept a single
     4328        command line option (the username transmitted in the authentication
     4329        request) and return a line line on standard output (the name to which
     4330        the account should mapped).  In this way, it is possible to store
     4331        username map tables in an LDAP or NIS directory services.
     4332        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>username map script</code></em> =
     4333</em></span>
     4334</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username map script</code></em> = /etc/samba/scripts/mapusers.sh
     4335</em></span>
     4336</p></dd><dt><span class="term"><a name="USERNAMEMAP"></a>username map (G)</span></dt><dd><p>
     4337        This option allows you to specify a file containing a mapping of usernames from the clients to the server.
     4338        This can be used for several purposes. The most common is to map usernames that users use on DOS or Windows
     4339        machines to those that the UNIX box uses. The other is to map multiple users to a single username so that they
     4340        can more easily share files.
     4341        </p><p>
     4342        Please note that for user or share mode security, the username map is applied prior to validating the user
     4343        credentials.  Domain member servers (domain or ads) apply the username map after the user has been
     4344        successfully authenticated by the domain controller and require fully qualified enties in the map table (e.g.
     4345        biddle = DOMAIN\foo).
     4346        </p><p>
     4347        The map file is parsed line by line. Each line should contain a single UNIX username on the left then a '='
     4348        followed by a list of usernames on the right. The list of usernames on the right may contain names of the form
     4349        @group in which case they will match any UNIX username in that group. The special client name '*' is a
     4350        wildcard and matches any name. Each line of the map file may be up to 1023 characters long.
     4351        </p><p>
     4352        The file is processed on each line by taking the supplied username and comparing it with each username on the
     4353        right hand side of the '=' signs. If the supplied name matches any of the names on the right hand side then it
     4354        is replaced with the name on the left. Processing then continues with the next line.
     4355        </p><p>
     4356        If any line begins with a '#' or a ';' then it is ignored.
     4357        </p><p>
     4358        If any line begins with an '!' then the processing will stop after that line if a mapping was done by the
     4359        line.  Otherwise mapping continues with every line being processed.  Using '!' is most useful when you have a
     4360        wildcard mapping line later in the file.
     4361        </p><p>
     4362        For example to map from the name <code class="constant">admin</code> or <code class="constant">administrator</code> to the UNIX
     4363        name <code class="constant"> root</code> you would use:
     4364</p><pre class="programlisting">
     4365<span><strong class="command">root = admin administrator</strong></span>
     4366</pre><p>
     4367        Or to map anyone in the UNIX group <code class="constant">system</code> to the UNIX name <code class="constant">sys</code> you would use:
     4368</p><pre class="programlisting">
     4369<span><strong class="command">sys = @system</strong></span>
     4370</pre><p>
     4371        </p><p>
     4372        You can have as many mappings as you like in a username map file.
     4373        </p><p>
     4374        If your system supports the NIS NETGROUP option then the netgroup database is checked before the <code class="filename">/etc/group </code> database for matching groups.
     4375        </p><p>
     4376        You can map Windows usernames that have spaces in them by using double quotes around the name. For example:
     4377</p><pre class="programlisting">
     4378<span><strong class="command">tridge = "Andrew Tridgell"</strong></span>
     4379</pre><p>
     4380    would map the windows username "Andrew Tridgell" to the unix username "tridge".
     4381        </p><p>
     4382        The following example would map mary and fred to the unix user sys, and map the rest to guest. Note the use of the
     4383    '!' to tell Samba to stop processing if it gets a match on that line:
     4384</p><pre class="programlisting">
     4385!sys = mary fred
     4386guest = *
     4387</pre><p>
     4388    </p><p>
     4389        Note that the remapping is applied to all occurrences of usernames.  Thus if you connect to \\server\fred and
     4390        <code class="constant">fred</code> is remapped to <code class="constant">mary</code> then you will actually be connecting to
     4391        \\server\mary and will need to supply a password suitable for <code class="constant">mary</code> not
     4392        <code class="constant">fred</code>. The only exception to this is the username passed to the <a class="indexterm" name="id323909"></a>password server (if you have one). The password server will receive whatever username the client
     4393        supplies without  modification.
     4394    </p><p>
     4395        Also note that no reverse mapping is done. The main effect this has is with printing. Users who have been
     4396        mapped may have trouble deleting print jobs as PrintManager under WfWg will think they don't own the print
     4397        job.
     4398        </p><p>
     4399        Samba versions prior to 3.0.8 would only support reading the fully qualified username (e.g.: DOMAIN\user) from
     4400        the username map when performing a kerberos login from a client.  However, when looking up a map entry for a
     4401        user authenticated by NTLM[SSP], only the login name would be used for matches.  This resulted in inconsistent
     4402        behavior sometimes even on the same server.
     4403   </p><p>
     4404   The following functionality is obeyed in version 3.0.8 and later:
     4405   </p><p>
     4406    When performing local authentication, the username map is applied to the login name before attempting to authenticate
     4407    the connection.
     4408    </p><p>
     4409    When relying upon a external domain controller for validating authentication requests, smbd will apply the username map
     4410    to the fully qualified username (i.e. DOMAIN\user) only after the user has been successfully authenticated.
     4411    </p><p>
     4412    An example of use is:
     4413</p><pre class="programlisting">
     4414username map = /usr/local/samba/lib/users.map
     4415</pre><p>
     4416    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>username map</code></em> =
     4417# no username map
     4418</em></span>
    43094419</p></dd><dt><span class="term"><a name="USER"></a>user</span></dt><dd><p>This parameter is a synonym for username.</p></dd><dt><span class="term"><a name="USERS"></a>users</span></dt><dd><p>This parameter is a synonym for username.</p></dd><dt><span class="term"><a name="USERNAME"></a>username (S)</span></dt><dd><p>Multiple users may be specified in a comma-delimited
    43104420    list, in which case the supplied password will be tested against
     
    43264436    telnet session. The daemon runs as the user that they log in as,
    43274437    so they cannot do anything that user cannot do.</p><p>To restrict a service to a particular set of users you
    4328     can use the <a class="indexterm" name="id295039"></a>valid users parameter.</p><p>If any of the usernames begin with a '@' then the name
     4438    can use the <a class="indexterm" name="id324070"></a>valid users parameter.</p><p>If any of the usernames begin with a '@' then the name
    43294439    will be looked up first in the NIS netgroups list (if Samba
    43304440    is compiled with netgroup support), followed by a lookup in
     
    43454455</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username</code></em> = fred, mary, jack, jane, @users, @pcgroup
    43464456</em></span>
    4347 </p></dd><dt><span class="term"><a name="USERNAMELEVEL"></a>username level (G)</span></dt><dd><p>This option helps Samba to try and 'guess' at
    4348     the real UNIX username, as many DOS clients send an all-uppercase
    4349     username. By default Samba tries all lowercase, followed by the
    4350     username with the first letter capitalized, and fails if the
    4351     username is not found on the UNIX machine.</p><p>If this parameter is set to non-zero the behavior changes.
    4352     This parameter is a number that specifies the number of uppercase
    4353     combinations to try while trying to determine the UNIX user name. The
    4354     higher the number the more combinations will be tried, but the slower
    4355     the discovery of usernames will be. Use this parameter when you have
    4356     strange usernames on your UNIX machine, such as <code class="constant">AstrangeUser
    4357     </code>.</p><p>This parameter is needed only on UNIX systems that have case
    4358     sensitive usernames.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>username level</code></em> = 0
    4359 </em></span>
    4360 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username level</code></em> = 5
    4361 </em></span>
    4362 </p></dd><dt><span class="term"><a name="USERNAMEMAP"></a>username map (G)</span></dt><dd><p>
    4363         This option allows you to specify a file containing a mapping of usernames from the clients to the server.
    4364         This can be used for several purposes. The most common is to map usernames that users use on DOS or Windows
    4365         machines to those that the UNIX box uses. The other is to map multiple users to a single username so that they
    4366         can more easily share files.
    4367         </p><p>
    4368         Please note that for user or share mode security, the username map is applied prior to validating the user
    4369         credentials.  Domain member servers (domain or ads) apply the username map after the user has been
    4370         successfully authenticated by the domain controller and require fully qualified enties in the map table (e.g.
    4371         biddle = DOMAIN\foo).
    4372         </p><p>
    4373         The map file is parsed line by line. Each line should contain a single UNIX username on the left then a '='
    4374         followed by a list of usernames on the right. The list of usernames on the right may contain names of the form
    4375         @group in which case they will match any UNIX username in that group. The special client name '*' is a
    4376         wildcard and matches any name. Each line of the map file may be up to 1023 characters long.
    4377         </p><p>
    4378         The file is processed on each line by taking the supplied username and comparing it with each username on the
    4379         right hand side of the '=' signs. If the supplied name matches any of the names on the right hand side then it
    4380         is replaced with the name on the left. Processing then continues with the next line.
    4381         </p><p>
    4382         If any line begins with a '#' or a ';' then it is ignored.
    4383         </p><p>
    4384         If any line begins with an '!' then the processing will stop after that line if a mapping was done by the
    4385         line.  Otherwise mapping continues with every line being processed.  Using '!' is most useful when you have a
    4386         wildcard mapping line later in the file.
    4387         </p><p>
    4388         For example to map from the name <code class="constant">admin</code> or <code class="constant">administrator</code> to the UNIX
    4389         name <code class="constant"> root</code> you would use:
    4390 </p><pre class="programlisting">
    4391 <span><strong class="command">root = admin administrator</strong></span>
    4392 </pre><p>
    4393         Or to map anyone in the UNIX group <code class="constant">system</code> to the UNIX name <code class="constant">sys</code> you would use:
    4394 </p><pre class="programlisting">
    4395 <span><strong class="command">sys = @system</strong></span>
    4396 </pre><p>
    4397         </p><p>
    4398         You can have as many mappings as you like in a username map file.
    4399         </p><p>
    4400         If your system supports the NIS NETGROUP option then the netgroup database is checked before the <code class="filename">/etc/group </code> database for matching groups.
    4401         </p><p>
    4402         You can map Windows usernames that have spaces in them by using double quotes around the name. For example:
    4403 </p><pre class="programlisting">
    4404 <span><strong class="command">tridge = "Andrew Tridgell"</strong></span>
    4405 </pre><p>
    4406     would map the windows username "Andrew Tridgell" to the unix username "tridge".
    4407         </p><p>
    4408         The following example would map mary and fred to the unix user sys, and map the rest to guest. Note the use of the
    4409     '!' to tell Samba to stop processing if it gets a match on that line:
    4410 </p><pre class="programlisting">
    4411 !sys = mary fred
    4412 guest = *
    4413 </pre><p>
    4414     </p><p>
    4415         Note that the remapping is applied to all occurrences of usernames.  Thus if you connect to \\server\fred and
    4416         <code class="constant">fred</code> is remapped to <code class="constant">mary</code> then you will actually be connecting to
    4417         \\server\mary and will need to supply a password suitable for <code class="constant">mary</code> not
    4418         <code class="constant">fred</code>. The only exception to this is the username passed to the <a class="indexterm" name="id295325"></a>password server (if you have one). The password server will receive whatever username the client
    4419         supplies without  modification.
    4420     </p><p>
    4421         Also note that no reverse mapping is done. The main effect this has is with printing. Users who have been
    4422         mapped may have trouble deleting print jobs as PrintManager under WfWg will think they don't own the print
    4423         job.
    4424         </p><p>
    4425         Samba versions prior to 3.0.8 would only support reading the fully qualified username (e.g.: DOMAIN\user) from
    4426         the username map when performing a kerberos login from a client.  However, when looking up a map entry for a
    4427         user authenticated by NTLM[SSP], only the login name would be used for matches.  This resulted in inconsistent
    4428         behavior sometimes even on the same server.
    4429    </p><p>
    4430    The following functionality is obeyed in version 3.0.8 and later:
    4431    </p><p>
    4432     When performing local authentication, the username map is applied to the login name before attempting to authenticate
    4433     the connection.
    4434     </p><p>
    4435     When relying upon a external domain controller for validating authentication requests, smbd will apply the username map
    4436     to the fully qualified username (i.e. DOMAIN\user) only after the user has been successfully authenticated.
    4437     </p><p>
    4438     An example of use is:
    4439 </p><pre class="programlisting">
    4440 username map = /usr/local/samba/lib/users.map
    4441 </pre><p>
    4442     </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>username map</code></em> =
    4443 # no username map
    4444 </em></span>
    4445 </p></dd><dt><span class="term"><a name="USERNAMEMAPSCRIPT"></a>username map script (G)</span></dt><dd><p>This script is a mutually exclusive alternative to the
    4446         <a class="indexterm" name="id295402"></a>username map parameter.  This parameter
    4447         specifies and external program or script that must accept a single
    4448         command line option (the username transmitted in the authentication
    4449         request) and return a line line on standard output (the name to which
    4450         the account should mapped).  In this way, it is possible to store
    4451         username map tables in an LDAP or NIS directory services.
    4452         </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>username map script</code></em> =
    4453 </em></span>
    4454 </p><p>Example: <span class="emphasis"><em><em class="parameter"><code>username map script</code></em> = /etc/samba/scripts/mapusers.sh
    4455 </em></span>
    44564457</p></dd><dt><span class="term"><a name="USERSHAREALLOWGUESTS"></a>usershare allow guests (G)</span></dt><dd><p>This parameter controls whether user defined shares are allowed
    44574458        to be accessed by non-authenticated users or not. It is the equivalent
     
    45604561        disabled.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>use spnego</code></em> = yes
    45614562</em></span>
    4562 </p></dd><dt><span class="term"><a name="UTMP"></a>utmp (G)</span></dt><dd><p>
    4563         This boolean parameter is only available if Samba has been configured and compiled 
    4564         with the option <span><strong class="command">--with-utmp</strong></span>. If set to
    4565          <code class="constant">yes</code> then Samba will attempt to add utmp or utmpx records
    4566         (depending on the UNIX system) whenever a connection is made to a Samba server.
    4567         Sites may use this to record the user connecting to a Samba share.
    4568         </p><p>
    4569         Due to the requirements of the utmp record, we  are required to create a unique
    4570         identifier for the incoming user.  Enabling this option creates an n^2  algorithm
    4571         to find this number.  This may impede performance on large installations.
    4572         </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>utmp</code></em> = no
    4573 </em></span>
    45744563</p></dd><dt><span class="term"><a name="UTMPDIRECTORY"></a>utmp directory (G)</span></dt><dd><p>This parameter is only available if Samba has
    45754564        been configured and compiled with the option <span><strong class="command">
     
    45844573</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>utmp directory</code></em> = /var/run/utmp
    45854574</em></span>
    4586 </p></dd><dt><span class="term"><a name="-VALID"></a>-valid (S)</span></dt><dd><p> This parameter indicates whether a share is
    4587         valid and thus can be used. When this parameter is set to false,
    4588         the share will be in no way visible nor accessible.
    4589         </p><p>
    4590         This option should not be
    4591         used by regular users but might be of help to developers.
    4592         Samba uses this option internally to mark shares as deleted.
    4593         </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>-valid</code></em> = yes
     4575</p></dd><dt><span class="term"><a name="UTMP"></a>utmp (G)</span></dt><dd><p>
     4576        This boolean parameter is only available if Samba has been configured and compiled 
     4577        with the option <span><strong class="command">--with-utmp</strong></span>. If set to
     4578         <code class="constant">yes</code> then Samba will attempt to add utmp or utmpx records
     4579        (depending on the UNIX system) whenever a connection is made to a Samba server.
     4580        Sites may use this to record the user connecting to a Samba share.
     4581        </p><p>
     4582        Due to the requirements of the utmp record, we  are required to create a unique
     4583        identifier for the incoming user.  Enabling this option creates an n^2  algorithm
     4584        to find this number.  This may impede performance on large installations.
     4585        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>utmp</code></em> = no
    45944586</em></span>
    45954587</p></dd><dt><span class="term"><a name="VALIDUSERS"></a>valid users (S)</span></dt><dd><p>
     
    46094601</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>valid users</code></em> = greg, @pcusers
    46104602</em></span>
     4603</p></dd><dt><span class="term"><a name="-VALID"></a>-valid (S)</span></dt><dd><p> This parameter indicates whether a share is
     4604        valid and thus can be used. When this parameter is set to false,
     4605        the share will be in no way visible nor accessible.
     4606        </p><p>
     4607        This option should not be
     4608        used by regular users but might be of help to developers.
     4609        Samba uses this option internally to mark shares as deleted.
     4610        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>-valid</code></em> = yes
     4611</em></span>
    46114612</p></dd><dt><span class="term"><a name="VETOFILES"></a>veto files (S)</span></dt><dd><p>
    46124613        This is a list of files and directories that are neither visible nor accessible.  Each entry in
     
    46174618        unix directory  separator '/'.
    46184619        </p><p>
    4619         Note that the <a class="indexterm" name="id296108"></a>case sensitive option is applicable in vetoing files.
     4620        Note that the <a class="indexterm" name="id324807"></a>case sensitive option is applicable in vetoing files.
    46204621        </p><p>
    46214622        One feature of the veto files parameter that it is important to be aware of is Samba's behaviour when
    46224623        trying to delete a directory. If a directory that is to be deleted contains nothing but veto files this
    4623         deletion will <span class="emphasis"><em>fail</em></span> unless you also set the <a class="indexterm" name="id296124"></a>delete veto files
     4624        deletion will <span class="emphasis"><em>fail</em></span> unless you also set the <a class="indexterm" name="id324824"></a>delete veto files
    46244625        parameter to <em class="parameter"><code>yes</code></em>.
    46254626        </p><p>
     
    46414642</em></span>
    46424643</p></dd><dt><span class="term"><a name="VETOOPLOCKFILES"></a>veto oplock files (S)</span></dt><dd><p>
    4643         This parameter is only valid when the <a class="indexterm" name="id296187"></a>oplocks
     4644        This parameter is only valid when the <a class="indexterm" name="id324887"></a>oplocks
    46444645        parameter is turned on for a share. It allows the Samba administrator
    46454646        to selectively turn off the granting of oplocks on selected files that
    46464647        match a wildcarded list, similar to the wildcarded list used in the
    4647         <a class="indexterm" name="id296196"></a>veto files parameter.
     4648        <a class="indexterm" name="id324895"></a>veto files parameter.
    46484649        </p><p>
    46494650        You might want to do this on files that you know will be heavily contended
     
    46864687        again.</p><p>
    46874688        This does not apply to authentication requests, these are always
    4688         evaluated in real time unless the <a class="indexterm" name="id296414"></a>winbind   offline logon option has been enabled.
     4689        evaluated in real time unless the <a class="indexterm" name="id325114"></a>winbind   offline logon option has been enabled.
    46894690        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind cache time</code></em> = 300
    46904691</em></span>
     
    47834784        </p><p>
    47844785        This parameter is not deprecated in favor of the newer idmap_nss backend.
    4785         Refer to the <a class="indexterm" name="id296984"></a>idmap domains smb.conf option and
     4786        Refer to the <a class="indexterm" name="id325684"></a>idmap domains smb.conf option and
    47864787        the <a href="idmap_nss.8.html"><span class="citerefentry"><span class="refentrytitle">idmap_nss</span>(8)</span></a> man page for more information.
    47874788        </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>winbind trusted domains only</code></em> = no
     
    48504851        appear to be in when queried by clients. Note that this parameter
    48514852        also controls the Domain name used with
    4852         the <a class="indexterm" name="id297374"></a>security = domain
     4853        the <a class="indexterm" name="id326074"></a>security = domain
    48534854                setting.</p><p>Default: <span class="emphasis"><em><em class="parameter"><code>workgroup</code></em> = WORKGROUP
    48544855</em></span>
    48554856</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>workgroup</code></em> = MYGROUP
    48564857</em></span>
    4857 </p></dd><dt><span class="term"><a name="WRITABLE"></a>writable</span></dt><dd><p>This parameter is a synonym for writeable.</p></dd><dt><span class="term"><a name="WRITEABLE"></a>writeable (S)</span></dt><dd><p>Inverted synonym for <a class="indexterm" name="id297447"></a>read only.</p><p><span class="emphasis"><em>No default</em></span></p></dd><dt><span class="term"><a name="WRITECACHESIZE"></a>write cache size (S)</span></dt><dd><p>If this integer parameter is set to non-zero value,
     4858</p></dd><dt><span class="term"><a name="WRITABLE"></a>writable</span></dt><dd><p>This parameter is a synonym for writeable.</p></dd><dt><span class="term"><a name="WRITEABLE"></a>writeable (S)</span></dt><dd><p>Inverted synonym for <a class="indexterm" name="id326147"></a>read only.</p><p><span class="emphasis"><em>No default</em></span></p></dd><dt><span class="term"><a name="WRITECACHESIZE"></a>write cache size (S)</span></dt><dd><p>If this integer parameter is set to non-zero value,
    48584859    Samba will create an in-memory cache for each oplocked file
    48594860    (it does <span class="emphasis"><em>not</em></span> do this for
     
    48764877    This is a list of users that are given read-write access to a service. If the
    48774878    connecting user is in this list then they will be given write access, no matter
    4878     what the <a class="indexterm" name="id297544"></a>read only option is set to. The list can
     4879    what the <a class="indexterm" name="id326244"></a>read only option is set to. The list can
    48794880    include group names using the @group syntax.
    48804881    </p><p>
     
    48834884    </p><p>
    48844885    By design, this parameter will not work with the
    4885     <a class="indexterm" name="id297560"></a>security = share in Samba 3.0.
     4886    <a class="indexterm" name="id326260"></a>security = share in Samba 3.0.
    48864887    </p><p>Default: <span class="emphasis"><em><em class="parameter"><code>write list</code></em> =
    48874888</em></span>
     
    49044905</p><p>Example: <span class="emphasis"><em><em class="parameter"><code>wtmp directory</code></em> = /var/log/wtmp
    49054906</em></span>
    4906 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id297693"></a><h2>WARNINGS</h2><p>
     4907</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id326393"></a><h2>WARNINGS</h2><p>
    49074908        Although the configuration file permits service names to contain spaces, your client software may not.
    49084909        Spaces will be ignored in comparisons anyway, so it shouldn't be a problem - but be aware of the possibility.
     
    49174918        care when designing these sections. In particular, ensure that the permissions on spool directories are
    49184919        correct.
    4919         </p></div><div class="refsect1" lang="en"><a name="id297736"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id297747"></a><h2>SEE ALSO</h2><p>
    4920         <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>, <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>, <a href="swat.8.html"><span class="citerefentry"><span class="refentrytitle">swat</span>(8)</span></a>, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, <a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a href="nmblookup.1.html"><span class="citerefentry"><span class="refentrytitle">nmblookup</span>(1)</span></a>, <a href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a>, <a href="testprns.1.html"><span class="citerefentry"><span class="refentrytitle">testprns</span>(1)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id297826"></a><h2>AUTHOR</h2><p>
     4920        </p></div><div class="refsect1" lang="en"><a name="id326436"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id326447"></a><h2>SEE ALSO</h2><p>
     4921        <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a>, <a href="smbpasswd.8.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(8)</span></a>, <a href="swat.8.html"><span class="citerefentry"><span class="refentrytitle">swat</span>(8)</span></a>, <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, <a href="smbclient.1.html"><span class="citerefentry"><span class="refentrytitle">smbclient</span>(1)</span></a>, <a href="nmblookup.1.html"><span class="citerefentry"><span class="refentrytitle">nmblookup</span>(1)</span></a>, <a href="testparm.1.html"><span class="citerefentry"><span class="refentrytitle">testparm</span>(1)</span></a>, <a href="testprns.1.html"><span class="citerefentry"><span class="refentrytitle">testprns</span>(1)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id326526"></a><h2>AUTHOR</h2><p>
    49214922        The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed
    49224923        by the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
  • trunk/samba/docs/htmldocs/manpages/smbcacls.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbcacls</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbcacls.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbcacls &#8212; Set or get ACLs on an NT file or directory names</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbcacls</code>  {//server/share} {filename} [-D acls] [-M acls] [-a acls] [-S acls] [-C name] [-G name] [--numeric] [-t] [-U username] [-h] [-d]</p></div></div><div class="refsect1" lang="en"><a name="id231188"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The <span><strong class="command">smbcacls</strong></span> program manipulates NT Access Control
    2         Lists (ACLs) on SMB file shares. </p></div><div class="refsect1" lang="en"><a name="id231415"></a><h2>OPTIONS</h2><p>The following options are available to the <span><strong class="command">smbcacls</strong></span> program. 
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbcacls</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbcacls.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbcacls &#8212; Set or get ACLs on an NT file or directory names</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbcacls</code>  {//server/share} {filename} [-D acls] [-M acls] [-a acls] [-S acls] [-C name] [-G name] [--numeric] [-t] [-U username] [-h] [-d]</p></div></div><div class="refsect1" lang="en"><a name="id259605"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The <span><strong class="command">smbcacls</strong></span> program manipulates NT Access Control
     2        Lists (ACLs) on SMB file shares. </p></div><div class="refsect1" lang="en"><a name="id259382"></a><h2>OPTIONS</h2><p>The following options are available to the <span><strong class="command">smbcacls</strong></span> program. 
    33        The format of ACLs is described in the section ACL FORMAT </p><div class="variablelist"><dl><dt><span class="term">-a acls</span></dt><dd><p>Add the ACLs specified to the ACL list.  Existing
    44                access control entries are unchanged. </p></dd><dt><span class="term">-M acls</span></dt><dd><p>Modify the mask value (permissions) for the ACLs
     
    4949use only by developers and generate HUGE amounts of log
    5050data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    51 override the <a class="indexterm" name="id230586"></a> parameter
     51override the <a class="indexterm" name="id260163"></a> parameter
    5252in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    5353<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
    5454log.smbd, etc...). The log file is never removed by the client.
    55 </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id230619"></a><h2>ACL FORMAT</h2><p>The format of an ACL is one or more ACL entries separated by
     55</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id260196"></a><h2>ACL FORMAT</h2><p>The format of an ACL is one or more ACL entries separated by
    5656        either commas or newlines.  An ACL entry is one of the following: </p><pre class="programlisting">
    5757REVISION:&lt;revision number&gt;
     
    7979                permissions</p></li><li><p><span class="emphasis"><em>CHANGE</em></span> - Equivalent to 'RXWD' permissions
    8080                </p></li><li><p><span class="emphasis"><em>FULL</em></span> - Equivalent to 'RWXDPO'
    81                 permissions</p></li></ul></div></div><div class="refsect1" lang="en"><a name="id271866"></a><h2>EXIT STATUS</h2><p>The <span><strong class="command">smbcacls</strong></span> program sets the exit status
     81                permissions</p></li></ul></div></div><div class="refsect1" lang="en"><a name="id300566"></a><h2>EXIT STATUS</h2><p>The <span><strong class="command">smbcacls</strong></span> program sets the exit status
    8282        depending on the success or otherwise of the operations performed. 
    8383        The exit status may be one of the following values. </p><p>If the operation succeeded, smbcacls returns and exit
     
    8585        or there was an error getting or setting the ACLs, an exit status
    8686        of 1 is returned.  If there was an error parsing any command line
    87         arguments, an exit status of 2 is returned. </p></div><div class="refsect1" lang="en"><a name="id271895"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id271905"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     87        arguments, an exit status of 2 is returned. </p></div><div class="refsect1" lang="en"><a name="id300595"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id300605"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    8888        were created by Andrew Tridgell. Samba is now developed
    8989        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/smbclient.1.html

    r26 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbclient</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbclient.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbclient &#8212; ftp-like client to access SMB/CIFS resources
    2         on servers</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbclient</code>  [-b &lt;buffer size&gt;] [-d debuglevel] [-L &lt;netbios name&gt;] [-U username] [-I destinationIP] [-M &lt;netbios name&gt;] [-m maxprotocol] [-A authfile] [-N] [-i scope] [-O &lt;socket options&gt;] [-p port] [-R &lt;name resolve order&gt;] [-s &lt;smb config file&gt;] [-k] [-P] [-c &lt;command&gt;]</p></div><div class="cmdsynopsis"><p><code class="command">smbclient</code>  {servicename} [password] [-b &lt;buffer size&gt;] [-d debuglevel] [-D Directory] [-U username] [-W workgroup] [-M &lt;netbios name&gt;] [-m maxprotocol] [-A authfile] [-N] [-l logdir] [-I destinationIP] [-E] [-c &lt;command string&gt;] [-i scope] [-O &lt;socket options&gt;] [-p port] [-R &lt;name resolve order&gt;] [-s &lt;smb config file&gt;] [-T&lt;c|x&gt;IXFqgbNan] [-k]</p></div></div><div class="refsect1" lang="en"><a name="id230548"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">smbclient</strong></span> is a client that can
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbclient</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbclient.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbclient &#8212; ftp-like client to access SMB/CIFS resources
     2        on servers</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbclient</code>  [-b &lt;buffer size&gt;] [-d debuglevel] [-L &lt;netbios name&gt;] [-U username] [-I destinationIP] [-M &lt;netbios name&gt;] [-m maxprotocol] [-A authfile] [-N] [-i scope] [-O &lt;socket options&gt;] [-p port] [-R &lt;name resolve order&gt;] [-s &lt;smb config file&gt;] [-k] [-P] [-c &lt;command&gt;]</p></div><div class="cmdsynopsis"><p><code class="command">smbclient</code>  {servicename} [password] [-b &lt;buffer size&gt;] [-d debuglevel] [-D Directory] [-U username] [-W workgroup] [-M &lt;netbios name&gt;] [-m maxprotocol] [-A authfile] [-N] [-l logdir] [-I destinationIP] [-E] [-c &lt;command string&gt;] [-i scope] [-O &lt;socket options&gt;] [-p port] [-R &lt;name resolve order&gt;] [-s &lt;smb config file&gt;] [-T&lt;c|x&gt;IXFqgbNan] [-k]</p></div></div><div class="refsect1" lang="en"><a name="id260125"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">smbclient</strong></span> is a client that can
    33        'talk' to an SMB/CIFS server. It offers an interface
    44        similar to that of the ftp program (see <a href="ftp.1.html"><span class="citerefentry"><span class="refentrytitle">ftp</span>(1)</span></a>). 
     
    66        to the local machine, putting files from the local machine to
    77        the server, retrieving directory information from the server
    8         and so on. </p></div><div class="refsect1" lang="en"><a name="id230585"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">servicename</span></dt><dd><p>servicename is the name of the service
     8        and so on. </p></div><div class="refsect1" lang="en"><a name="id260162"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">servicename</span></dt><dd><p>servicename is the name of the service
    99                you want to use on the server. A service name takes the form
    1010                <code class="filename">//server/service</code> where <em class="parameter"><code>server
     
    140140use only by developers and generate HUGE amounts of log
    141141data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    142 override the <a class="indexterm" name="id272229"></a> parameter
     142override the <a class="indexterm" name="id300929"></a> parameter
    143143in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    144144<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
     
    177177it in directly. </p></dd><dt><span class="term">-n &lt;primary NetBIOS name&gt;</span></dt><dd><p>This option allows you to override
    178178the NetBIOS name that Samba uses for itself. This is identical
    179 to setting the <a class="indexterm" name="id272383"></a> parameter in the <code class="filename">smb.conf</code> file.
     179to setting the <a class="indexterm" name="id301083"></a> parameter in the <code class="filename">smb.conf</code> file.
    180180However, a command
    181181line setting will take precedence over settings in
     
    262262                commands to be executed instead of prompting from stdin. <em class="parameter"><code>
    263263                -N</code></em> is implied by <em class="parameter"><code>-c</code></em>.</p><p>This is particularly useful in scripts and for printing stdin
    264                 to the server, e.g. <span><strong class="command">-c 'print -'</strong></span>. </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id272828"></a><h2>OPERATIONS</h2><p>Once the client is running, the user is presented with
     264                to the server, e.g. <span><strong class="command">-c 'print -'</strong></span>. </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id301528"></a><h2>OPERATIONS</h2><p>Once the client is running, the user is presented with
    265265        a prompt : </p><p><code class="prompt">smb:\&gt; </code></p><p>The backslash ("\\") indicates the current working directory
    266266        on the server, and will change if the current working directory
     
    397397                tar will only back up files with the archive bit set. In reset mode,
    398398                tar will reset the archive bit on all files it backs up (implies
    399                 read/write share). </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id273570"></a><h2>NOTES</h2><p>Some servers are fussy about the case of supplied usernames,
     399                read/write share). </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id302270"></a><h2>NOTES</h2><p>Some servers are fussy about the case of supplied usernames,
    400400        passwords, share names (AKA service names) and machine names.
    401401        If you fail to connect try giving all parameters in uppercase.
     
    404404        on a valid NetBIOS name being used, so you need to supply a valid
    405405        name that would be known to the server.</p><p>smbclient supports long file names where the server
    406         supports the LANMAN2 protocol or above. </p></div><div class="refsect1" lang="en"><a name="id273591"></a><h2>ENVIRONMENT VARIABLES</h2><p>The variable <code class="envar">USER</code> may contain the
     406        supports the LANMAN2 protocol or above. </p></div><div class="refsect1" lang="en"><a name="id302291"></a><h2>ENVIRONMENT VARIABLES</h2><p>The variable <code class="envar">USER</code> may contain the
    407407        username of the person  using the client. This information is
    408408        used only if the protocol  level is high enough to support
     
    414414        to instead of connecting to a server.  This functionality is primarily
    415415        intended as a development aid, and works best when using a LMHOSTS
    416         file</p></div><div class="refsect1" lang="en"><a name="id273624"></a><h2>INSTALLATION</h2><p>The location of the client program is a matter for
     416        file</p></div><div class="refsect1" lang="en"><a name="id302324"></a><h2>INSTALLATION</h2><p>The location of the client program is a matter for
    417417        individual system administrators. The following are thus
    418418        suggestions only. </p><p>It is recommended that the smbclient software be installed
     
    425425        running SMB/CIFS server. It is possible to run <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a> as an ordinary user - running that server as a daemon
    426426        on a user-accessible port (typically any port number over 1024)
    427         would provide a suitable test server. </p></div><div class="refsect1" lang="en"><a name="id273673"></a><h2>DIAGNOSTICS</h2><p>Most diagnostics issued by the client are logged in a
     427        would provide a suitable test server. </p></div><div class="refsect1" lang="en"><a name="id302373"></a><h2>DIAGNOSTICS</h2><p>Most diagnostics issued by the client are logged in a
    428428        specified log file. The log file name is specified at compile time,
    429429        but may be overridden on the command line. </p><p>The number and nature of diagnostics available depends
    430430        on the debug level used by the client. If you have problems,
    431         set the debug level to 3 and peruse the log files. </p></div><div class="refsect1" lang="en"><a name="id273689"></a><h2>VERSION</h2><p>This man page is correct for version 3 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id273700"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     431        set the debug level to 3 and peruse the log files. </p></div><div class="refsect1" lang="en"><a name="id302389"></a><h2>VERSION</h2><p>This man page is correct for version 3 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id302400"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    432432        were created by Andrew Tridgell. Samba is now developed
    433433        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/smbcontrol.1.html

    r1 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbcontrol</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbcontrol.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbcontrol &#8212; send messages to smbd, nmbd or winbindd processes</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbcontrol</code>  [-i] [-s]</p></div><div class="cmdsynopsis"><p><code class="command">smbcontrol</code>  [destination] [message-type] [parameter]</p></div></div><div class="refsect1" lang="en"><a name="id231137"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">smbcontrol</strong></span> is a very small program, which
    2         sends messages to a <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, a <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, or a <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon running on the system.</p></div><div class="refsect1" lang="en"><a name="id231187"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbcontrol</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbcontrol.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbcontrol &#8212; send messages to smbd, nmbd or winbindd processes</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbcontrol</code>  [-i] [-s]</p></div><div class="cmdsynopsis"><p><code class="command">smbcontrol</code>  [destination] [message-type] [parameter]</p></div></div><div class="refsect1" lang="en"><a name="id259554"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p><span><strong class="command">smbcontrol</strong></span> is a very small program, which
     2        sends messages to a <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>, a <a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a>, or a <a href="winbindd.8.html"><span class="citerefentry"><span class="refentrytitle">winbindd</span>(8)</span></a> daemon running on the system.</p></div><div class="refsect1" lang="en"><a name="id259604"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
    33</p></dd><dt><span class="term">-s &lt;configuration file&gt;</span></dt><dd><p>The file specified contains the
    44configuration details required by the server.  The
     
    1717                to only that process.</p></dd><dt><span class="term">message-type</span></dt><dd><p>Type of message to send. See
    1818                the section <code class="constant">MESSAGE-TYPES</code> for details.
    19                 </p></dd><dt><span class="term">parameters</span></dt><dd><p>any parameters required for the message-type</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id231518"></a><h2>MESSAGE-TYPES</h2><p>Available message types are:</p><div class="variablelist"><dl><dt><span class="term">close-share</span></dt><dd><p>Order smbd to close the client
     19                </p></dd><dt><span class="term">parameters</span></dt><dd><p>any parameters required for the message-type</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id260399"></a><h2>MESSAGE-TYPES</h2><p>Available message types are:</p><div class="variablelist"><dl><dt><span class="term">close-share</span></dt><dd><p>Order smbd to close the client
    2020        connections to the named share. Note that this doesn't affect client
    2121        connections to any other shares. This message-type takes an argument of the
     
    6060        sent to smbd.</p></dd><dt><span class="term">reload-config</span></dt><dd><p>Force daemon to reload smb.conf configuration file. Can be sent
    6161        to <code class="constant">smbd</code>, <code class="constant">nmbd</code>, or <code class="constant">winbindd</code>.
    62         </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id271888"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
    63         the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id271898"></a><h2>SEE ALSO</h2><p><a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> and <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id271923"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
     62        </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300588"></a><h2>VERSION</h2><p>This man page is correct for version 3.0 of
     63        the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id300598"></a><h2>SEE ALSO</h2><p><a href="nmbd.8.html"><span class="citerefentry"><span class="refentrytitle">nmbd</span>(8)</span></a> and <a href="smbd.8.html"><span class="citerefentry"><span class="refentrytitle">smbd</span>(8)</span></a>.</p></div><div class="refsect1" lang="en"><a name="id300623"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
    6464        were created by Andrew Tridgell. Samba is now developed
    6565        by the Samba Team as an Open Source project similar
  • trunk/samba/docs/htmldocs/manpages/smbcquotas.1.html

    r26 r39  
    1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbcquotas</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbcquotas.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbcquotas &#8212; Set or get QUOTAs of NTFS 5 shares</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbcquotas</code>  {//server/share} [-u user] [-L] [-F] [-S QUOTA_SET_COMMAND] [-n] [-t] [-v] [-d debuglevel] [-s configfile] [-l logdir] [-V] [-U username] [-N] [-k] [-A]</p></div></div><div class="refsect1" lang="en"><a name="id231408"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The <span><strong class="command">smbcquotas</strong></span> program manipulates NT Quotas on SMB file shares. </p></div><div class="refsect1" lang="en"><a name="id231435"></a><h2>OPTIONS</h2><p>The following options are available to the <span><strong class="command">smbcquotas</strong></span> program. </p><div class="variablelist"><dl><dt><span class="term">-u user</span></dt><dd><p> Specifies the user of whom the quotas are get or set.
     1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smbcquotas</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.71.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="smbcquotas.1"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>smbcquotas &#8212; Set or get QUOTAs of NTFS 5 shares</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">smbcquotas</code>  {//server/share} [-u user] [-L] [-F] [-S QUOTA_SET_COMMAND] [-n] [-t] [-v] [-d debuglevel] [-s configfile] [-l logdir] [-V] [-U username] [-N] [-k] [-A]</p></div></div><div class="refsect1" lang="en"><a name="id259376"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The <span><strong class="command">smbcquotas</strong></span> program manipulates NT Quotas on SMB file shares. </p></div><div class="refsect1" lang="en"><a name="id259404"></a><h2>OPTIONS</h2><p>The following options are available to the <span><strong class="command">smbcquotas</strong></span> program. </p><div class="variablelist"><dl><dt><span class="term">-u user</span></dt><dd><p> Specifies the user of whom the quotas are get or set.
    22                By default the current user's username will be used.</p></dd><dt><span class="term">-L</span></dt><dd><p>Lists all quota records of the share.</p></dd><dt><span class="term">-F</span></dt><dd><p>Show the share quota status and default limits.</p></dd><dt><span class="term">-S QUOTA_SET_COMMAND</span></dt><dd><p>This command sets/modifies quotas for a user or on the share,
    33                depending on the QUOTA_SET_COMMAND parameter which is described later.</p></dd><dt><span class="term">-n</span></dt><dd><p>This option displays all QUOTA information in numeric
     
    2828use only by developers and generate HUGE amounts of log
    2929data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
    30 override the <a class="indexterm" name="id230549"></a> parameter
     30override the <a class="indexterm" name="id260127"></a> parameter
    3131in the <code class="filename">smb.conf</code> file.</p></dd><dt><span class="term">-l|--logfile=logdirectory</span></dt><dd><p>Base directory name for log/debug files. The extension
    3232<code class="constant">".progname"</code> will be appended (e.g. log.smbclient,
     
    6363via the <span><strong class="command">ps</strong></span> command.  To be safe always allow
    6464<span><strong class="command">rpcclient</strong></span> to prompt for a password and type
    65 it in directly. </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id271793"></a><h2>QUOTA_SET_COMAND</h2><p>The format of an the QUOTA_SET_COMMAND is an operation
     65it in directly. </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id300493"></a><h2>QUOTA_SET_COMAND</h2><p>The format of an the QUOTA_SET_COMMAND is an operation
    6666        name followed by a set of parameters specific to that operation.
    6767        </p><p&g