diff options
Diffstat (limited to 'docs-xml/smbdotconf/security/unixpasswordsync.xml')
-rw-r--r-- | docs-xml/smbdotconf/security/unixpasswordsync.xml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/docs-xml/smbdotconf/security/unixpasswordsync.xml b/docs-xml/smbdotconf/security/unixpasswordsync.xml new file mode 100644 index 0000000..89b0158 --- /dev/null +++ b/docs-xml/smbdotconf/security/unixpasswordsync.xml @@ -0,0 +1,26 @@ +<samba:parameter name="unix password sync" + context="G" + type="boolean" + xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> +<description> + <para>This boolean parameter controls whether Samba + attempts to synchronize the UNIX password with the SMB password + when the encrypted SMB password in the smbpasswd file is changed. + If this is set to <constant>yes</constant> the program specified in the <parameter moreinfo="none">passwd + program</parameter> parameter is called <emphasis>AS ROOT</emphasis> - + to allow the new UNIX password to be set without access to the + old UNIX password (as the SMB password change code has no + access to the old password cleartext, only the new).</para> + + <para>This option has no effect if <command moreinfo="none">samba</command> + is running as an active directory domain controller, in that case have a + look at the <smbconfoption name="password hash gpg key ids"/> option and the + <command moreinfo="none">samba-tool user syncpasswords</command> command.</para> +</description> + +<related>passwd program</related> +<related>passwd chat</related> +<related>password hash gpg key ids</related> + +<value type="default">no</value> +</samba:parameter> |