-<html><head><title>lmhosts</title>
+<html><head><title>lmhosts (5)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>lmhosts</h1>
+<h1>lmhosts (5)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<h2>DESCRIPTION</h2>
<p><br>This file is part of the <strong>Samba</strong> suite.
-<p><br>lmhosts is the <strong>Samba</strong> NetBIOS name to IP address mapping file. It
+<p><br><strong>lmhosts</strong> is the <strong>Samba</strong> NetBIOS name to IP address mapping file. It
is very similar to the <strong>/etc/hosts</strong> file format, except that the
hostname component must correspond to the NetBIOS naming format.
<p><br><a name="FILEFORMAT"></a>
name type in the lookup.
<p><br></ul>
<p><br>An example follows :
-<p><br><pre>
-
-
-#
-# Sample Samba lmhosts file.
-#
-192.9.200.1 TESTPC
-192.9.200.20 NTSERVER#20
-192.9.200.21 SAMBASERVER
-
-</pre>
-
+<p><br># <br>
+# Sample Samba lmhosts file. <br>
+# <br>
+192.9.200.1 TESTPC <br>
+192.9.200.20 NTSERVER#20 <br>
+192.9.200.21 SAMBASERVER <br>
<p><br>Contains three IP to NetBIOS name mappings. The first and third will
be returned for any queries for the names <code>"TESTPC"</code> and
<code>"SAMBASERVER"</code> respectively, whatever the type component of the
<h2>AUTHOR</h2>
<p><br>The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba.anu.edu.au). Samba is now developed
+Andrew Tridgell <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed.
<p><br>The original Samba man pages were written by Karl Auer. The man page
-<html><head><title>make_smbcodepage</title>
+<html><head><title>make_smbcodepage (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>make_smbcodepage</h1>
+<h1>make_smbcodepage (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<p><br><ul>
<p><br><a name="cord"></a>
-<li><strong>c|d</strong> This tells make_smbcodepage if it is compiling (c) a text
-format code page file to binary, or (d) de-compiling a binary codepage
+<li><strong>c|d</strong> This tells <strong>make_smbcodepage</strong> if it is compiling (<strong>c</strong>) a text
+format code page file to binary, or (<strong>d</strong>) de-compiling a binary codepage
file to text.
<p><br><a name="codepage"></a>
-<li><strong>codepage</strong> This is the codepage we are processing (a number, eg. 850).
+<li><strong>codepage</strong> This is the codepage we are processing (a number, e.g. 850).
<p><br><a name="inputfile"></a>
-<li><strong>inputfile</strong> This is the input file to process. In the 'c' case this
+<li><strong>inputfile</strong> This is the input file to process. In the '<strong>c</strong>' case this
will be a text codepage definition file such as the ones found in the
-Samba <em>source/codepages</em> directory. In the 'd' case this will be the
+Samba <em>source/codepages</em> directory. In the '<strong>d</strong>' case this will be the
binary format codepage definition file normally found in the
<em>lib/codepages</em> directory in the Samba install directory path.
<p><br><a name="outputfile"></a>
Samba how to map from upper to lower case for characters greater than
ascii 127 in the specified DOS code page. Note that for certain DOS
codepages (437 for example) mapping from lower to upper case may be
-asynchronous. For example, in code page 437 lower case a acute maps to
-a plain upper case A when going from lower to upper case, but maps
-from plain upper case A to plain lower case a when lower casing a
+non-symmetrical. For example, in code page 437 lower case a acute maps to
+a plain upper case A when going from lower to upper case, but
+plain upper case A maps to plain lower case a when lower casing a
character.
<p><br>A binary Samba codepage definition file is a binary representation of
the same information, including a value that specifies what codepage
<p><br>SMB/CIFS clients, when they start up, may wish to locate an SMB/CIFS
server. That is, they wish to know what IP number a specified host is
using.
-<p><br>Amongst other services, this program will listen for such requests,
+<p><br>Amongst other services, <strong>nmbd</strong> will listen for such requests,
and if its own NetBIOS name is specified it will respond with the IP
number of the host it is running on. Its "own NetBIOS name" is by
default the primary DNS name of the host it is running on, but this
-can be overriden with the <strong>-n</strong> option (see <em>OPTIONS</em> below). Thus
-nmbd will reply to broadcast queries for its own name(s). Additional
-names for nmbd to respond on can be set via parameters in the
-<strong>smb.conf (5)</strong> configuration file.
-<p><br>nmbd can also be used as a WINS (Windows Internet Name Server)
+can be overridden with the <strong>-n</strong> option (see <a href="nmbd.8.html#OPTIONS">OPTIONS</a> below). Thus
+<strong>nmbd</strong> will reply to broadcast queries for its own name(s). Additional
+names for <strong>nmbd</strong> to respond on can be set via parameters in the
+<a href="smb.conf.5.html"><strong>smb.conf(5)</strong></a> configuration file.
+<p><br><strong>nmbd</strong> can also be used as a WINS (Windows Internet Name Server)
server. What this basically means is that it will act as a WINS
database server, creating a database from name registration requests
that it receives and replying to queries from clients for these names.
-<p><br>In addition, nmbd can act as a WINS proxy, relaying broadcast queries
+<p><br>In addition, <strong>nmbd</strong> can act as a WINS proxy, relaying broadcast queries
from clients that do not understand how to talk the WINS protocol to a
WIN server.
<p><br><a name="OPTIONS"></a>
<p><br><ul>
<p><br><a name="minusD"></a>
-<li><strong><strong>-D</strong></strong> If specified, this parameter causes the server to operate
+<li><strong><strong>-D</strong></strong> If specified, this parameter causes <strong>nmbd</strong> to operate
as a daemon. That is, it detaches itself and runs in the background,
-fielding requests on the appropriate port. By default, the server will
+fielding requests on the appropriate port. By default, <strong>nmbd</strong> will
NOT operate as a daemon. nmbd can also be operated from the inetd
meta-daemon, although this is not recommended.
<p><br><a name="minusa"></a>
<li><strong><strong>-H filename</strong></strong> NetBIOS lmhosts file.
<p><br>The lmhosts file is a list of NetBIOS names to IP addresses that is
loaded by the nmbd server and used via the name resolution mechanism
-<em>name resolve order</em> described in <strong>smbd.conf (5)</strong> to resolve any
+<a href="smb.conf.5.html#nameresolveorder"><strong>name resolve order</strong></a> described in
+<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> to resolve any
NetBIOS name queries needed by the server. Note that the contents of
-this file are <em>NOT</em> used by nmbd to answer any name queries, adding
+this file are <em>NOT</em> used by <strong>nmbd</strong> to answer any name queries. Adding
a line to this file affects name NetBIOS resolution from this host
<em>ONLY</em>.
<p><br>The default path to this file is compiled into Samba as part of the
build process. Common defaults are <em>/usr/local/samba/lib/lmhosts</em>,
-<em>/usr/samba/lib/lmhosts</em> or <em>/etc/lmhosts</em>. See the <strong>lmhosts
-(5)</strong> man page for details on the contents of this file.
+<em>/usr/samba/lib/lmhosts</em> or <em>/etc/lmhosts</em>. See the
+<a href="lmhosts.5.html"><strong>lmhosts (5)</strong></a> man page for details on the contents of this file.
<p><br><a name="minusd"></a>
<li><strong><strong>-d debuglevel</strong></strong> debuglevel is an integer from 0 to 10.
<p><br>The default value if this parameter is not specified is zero.
extension ".nmb" to the specified base name. For example, if the name
specified was "log" then the file log.nmb would contain the debugging
data.
-<p><br>The default log file path is is compiled into Samba as part of the
+<p><br>The default log file path is compiled into Samba as part of the
build process. Common defaults are <em>/usr/local/samba/var/log.nmb</em>,
<em>/usr/samba/var/log.nmb</em> or <em>/var/log/log.nmb</em>.
<p><br><a name="minusn"></a>
<p><br><a name="minusp"></a>
<li><strong><strong>-p UDP port number</strong></strong> UDP port number is a positive integer value.
<p><br>This option changes the default UDP port number (normally 137) that
-nmbd responds to name queries on. Don't use this option unless you are
+<strong>nmbd</strong> responds to name queries on. Don't use this option unless you are
an expert, in which case you won't need help!
<p><br><a name="minuss"></a>
<li><strong><strong>-s configuration file</strong></strong> The default configuration file name is
<p><br>The file specified contains the configuration details required by the
server. See <a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> for more information.
<p><br><a name="minusi"></a>
-<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that the server will use
+<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that <strong>nmbd</strong> will use
to communicate with when generating NetBIOS names. For details on the
use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes
are <em>very</em> rarely used, only set this parameter if you are the
system administrator in charge of all the NetBIOS systems you
communicate with.
<p><br><a name="minush"></a>
-<li><strong><strong>-h</strong></strong> Prints the help information (usage) for nmbd.
+<li><strong><strong>-h</strong></strong> Prints the help information (usage) for <strong>nmbd</strong>.
<p><br></ul>
<p><br><a name="FILES"></a>
<h2>FILES</h2>
<p><br>If the server is to be run by the inetd meta-daemon, this file must
contain suitable startup information for the meta-daemon.
<p><br><strong>/etc/rc</strong>
-<p><br>(or whatever initialisation script your system uses).
+<p><br>(or whatever initialization script your system uses).
<p><br>If running the server as a daemon at startup, this file will need to
contain an appropriate startup sequence for the server.
<p><br><strong>/usr/local/samba/lib/smb.conf</strong>
-<p><br>This is the default location of the <em>smb.conf</em> server configuration
+<p><br>This is the default location of the
+<a href="smb.conf.5.html"><strong>smb.conf</strong></a> server configuration
file. Other common places that systems install this file are
<em>/usr/samba/lib/smb.conf</em> and <em>/etc/smb.conf</em>.
<p><br>When run as a <strong>WINS</strong> server (see the <a href="smb.conf.5.html#winssupport"><strong>wins support</strong></a>
<p><br><a name="SIGNALS"></a>
<h2>SIGNALS</h2>
-<p><br>To shut down an nmbd process it is recommended that SIGKILL (-9)
+<p><br>To shut down an <strong>nmbd</strong> process it is recommended that SIGKILL (-9)
<em>NOT</em> be used, except as a last resort, as this may leave the name
-database in an inconsistant state. The correct way to terminate
-nmbd is to send it a SIGTERM (-15) signal and wait for it to die on
+database in an inconsistent state. The correct way to terminate
+<strong>nmbd</strong> is to send it a SIGTERM (-15) signal and wait for it to die on
its own.
-<p><br>nmbd will accept SIGHUP, which will cause it to dump out it's
-namelists into the file namelist.debug in the
+<p><br><strong>nmbd</strong> will accept SIGHUP, which will cause it to dump out it's
+namelists into the file <code>namelist.debug</code> in the
<em>/usr/local/samba/var/locks</em> directory (or the <em>var/locks</em>
directory configured under wherever Samba was configured to install
-itself). This will also cause nmbd to dump out it's server database in
-the log.nmb file. In addition, the the debug log level of nmbd may be raised
+itself). This will also cause <strong>nmbd</strong> to dump out it's server database in
+the log.nmb file. In addition, the debug log level of nmbd may be raised
by sending it a SIGUSR1 (<code>kill -USR1 <nmbd-pid></code>) and lowered by sending it a
SIGUSR2 (<code>kill -USR2 <nmbd-pid></code>). This is to allow transient
problems to be diagnosed, whilst still running at a normally low log
<h2>AUTHOR</h2>
<p><br>The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba.anu.edu.au). Samba is now developed
+Andrew Tridgell <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed.
<p><br>The original Samba man pages were written by Karl Auer. The man page
-<html><head><title>nmblookup</title>
+<html><head><title>nmblookup (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>nmblookup</h1>
+<h1>nmblookup (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<p><br>This program is part of the <strong>Samba</strong> suite.
<p><br><strong>nmblookup</strong> is used to query NetBIOS names and map them to IP
addresses in a network using NetBIOS over TCP/IP queries. The options
-allow the name queries to be directed at a particlar IP broadcast area
+allow the name queries to be directed at a particular IP broadcast area
or to a particular machine. All queries are done over UDP.
<p><br><a name="OPTIONS"></a>
<h2>OPTIONS</h2>
rfc1002 for details.
<p><br><a name="minusS"></a>
<li><strong><strong>-S</strong></strong> Once the name query has returned an IP address then do a
-node status query as well.
+node status query as well. A node status query returns the NetBIOS names
+registered by a host.
<p><br><a name="minusr"></a>
<li><strong><strong>-r</strong></strong> Try and bind to UDP port 137 to send and receive UDP
datagrams. The reason for this option is a bug in Windows 95 where it
ignores the source port of the requesting packet and only replies to
-UDP port 137. Unfortunately, on most UNIX systems root privillage is
+UDP port 137. Unfortunately, on most UNIX systems root privilage is
needed to bind to this port, and in addition, if the
<a href="nmbd.8.html"><strong>nmbd</strong></a> daemon is running on this machine it also
binds to this port.
(5)</strong></a> file.
<p><br><a name="minuss"></a>
<li><strong><strong>-s smb.conf</strong></strong> This parameter specifies the pathname to the
-Samba configuration file, smb.conf. This file controls all aspects of
-the Samba setup on the machine and smbclient also needs to read this
-file.
+Samba configuration file, <a href="smb.conf.5.html"><strong>smb.conf</strong></a>.
+This file controls all aspects of
+the Samba setup on the machine.
<p><br><a name="minusi"></a>
-<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that smbclient will use
+<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that <strong>nmblookup</strong> will use
to communicate with when generating NetBIOS names. For details on the
use of NetBIOS scopes, see rfc1001.txt and rfc1002.txt. NetBIOS scopes
are <em>very</em> rarely used, only set this parameter if you are the
<li><strong><strong>name</strong></strong> This is the NetBIOS name being queried. Depending upon
the previous options this may be a NetBIOS name or IP address. If a
NetBIOS name then the different name types may be specified by
-appending <code>#<type></code> to the name.
+appending <code>#<type></code> to the name. This name may also be <code>"*"</code>,
+which will return all registered names within a broadcast area.
<p><br></ul>
<p><br><a name="EXAMPLES"></a>
<h2>EXAMPLES</h2>
-<p><br><strong>nmblookup</strong> can be used to query a WINS server (in the same way .B
-nslookup is used to query DNS servers). To query a WINS server,
-nmblookup must be called like this:
+<p><br><strong>nmblookup</strong> can be used to query a WINS server (in the same way
+<strong>nslookup</strong> is used to query DNS servers). To query a WINS server,
+<strong>nmblookup</strong> must be called like this:
<p><br><code>nmblookup -U server -R 'name'</code>
<p><br>For example, running :
<p><br><code>nmblookup -U samba.anu.edu.au -R IRIX#1B'</code>
<h2>AUTHOR</h2>
<p><br>The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba.anu.edu.au). Samba is now developed
+Andrew Tridgell <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed.
<p><br>The original Samba man pages were written by Karl Auer. The man page
-<html><head><title>Samba</title>
+<html><head><title>Samba (7)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>Samba</h1>
+<h1>Samba (7)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<h2>DESCRIPTION</h2>
<p><br>The Samba software suite is a collection of programs that implements
-the Server Message Block(commenly abbreviated as SMB) protocol for
+the Server Message Block(commonly abbreviated as SMB) protocol for
UNIX systems. This protocol is sometimes also referred to as the
Common Internet File System (CIFS), LanManager or NetBIOS protocol.
<p><br><a name="COMPONENTS"></a>
described in a separate manual page. It is strongly recommended that
you read the documentation that comes with Samba and the manual pages
of those components that you use. If the manual pages aren't clear
-enough then please send a patch to <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>.
+enough then please send a patch or bug report
+to <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>.
<p><br><ul>
<p><br><li><strong><a href="smbd.8.html"><strong>smbd</strong></a></strong> <br> <br> The <a href="smbd.8.html"><strong>smbd</strong>
(8)</a> daemon provides the file and print services to SMB
(1)</strong></a> utility allows you to test the printers defined
in your printcap file.
<p><br><li><strong><a href="smbstatus.1.html"><strong>smbstatus</strong></a></strong> <br> <br> The <a href="smbstatus.1.html"><strong>smbstatus</strong>
-(1)</a> utility allows you to tell who is currently
-using the <a href="smbd.8.html"><strong>smbd (8)</strong></a> server.
+(1)</a> utility allows you list current connections to the
+<a href="smbd.8.html"><strong>smbd (8)</strong></a> server.
<p><br><li><strong><a href="nmblookup.1.html"><strong>nmblookup</strong></a></strong> <br> <br> the
<a href="nmblookup.1.html"><strong>nmblookup (1)</strong></a> utility allows NetBIOS name
queries to be made from the UNIX machine.
<p><br>The Samba software suite is licensed under the GNU Public License
(GPL). A copy of that license should have come with the package in the
file COPYING. You are encouraged to distribute copies of the Samba
-suite, but please keep obey the terms of this license.
+suite, but please obey the terms of this license.
<p><br>The latest version of the Samba suite can be obtained via anonymous
ftp from samba.anu.edu.au in the directory pub/samba/. It is
also available on several mirror sites worldwide.
<p><br>If you have patches to submit or bugs to report then you may mail them
directly to <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. Note, however, that due to
the enormous popularity of this package the Samba Team may take some
-time to repond to mail. We prefer patches in <em>diff -u</em> format.
+time to respond to mail. We prefer patches in <em>diff -u</em> format.
<p><br><a name="CREDITS"></a>
<h2>CREDITS</h2>
for the contributors to Samba post-CVS. CVS is the Open Source source
code control system used by the Samba Team to develop Samba. The
project would have been unmanageable without it.
-<p><br>In addition, several commercial organisations now help fund the Samba
+<p><br>In addition, several commercial organizations now help fund the Samba
Team with money and equipment. For details see the Samba Web pages at
<a href="http://samba.anu.edu.au/samba/samba-thanks.html">http://samba.anu.edu.au/samba/samba-thanks.html</a>.
<p><br><a name="AUTHOR"></a>
-<html><head><title>smb.conf</title>
+<html><head><title>smb.conf (5)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smb.conf</h1>
+<h1>smb.conf (5)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
passwords and not usernames, you may specify a list of usernames to
check against the password using the <a href="smb.conf.5.html#user"><strong>"user="</strong></a> option in
the share definition. For modern clients such as Windows 95/98 and
-Windows NT, this should not be neccessary.
+Windows NT, this should not be necessary.
<p><br>Note that the access rights granted by the server are masked by the
access rights granted to the specified or guest UNIX user by the host
system. The server does not grant more access than the host system
[foo]
path = /home/bar
- writable = true
+ writeable = true
</pre>
<p><br><pre>
[homes]
- writable = yes
+ writeable = yes
</pre>
<p><br></ul>
<p><br>Note that the [printers] service MUST be printable - if you specify
otherwise, the server will refuse to load the configuration file.
-<p><br>Typically the path specified would be that of a world-writable spool
+<p><br>Typically the path specified would be that of a world-writeable spool
directory with the sticky bit set on it. A typical [printers] entry
would look like this:
<p><br><pre>
[printers]
path = /usr/spool/public
- writable = no
+ writeable = no
guest ok = yes
printable = yes
<p><br>Each alias should be an acceptable printer name for your printing
subsystem. In the <a href="smb.conf.5.html#global"><strong>[global]</strong></a> section, specify the new
-file as your printcap. The server will then only recognise names
+file as your printcap. The server will then only recognize names
found in your pseudo-printcap, which of course can contain whatever
aliases you like. The same technique could be used simply to limit
access to a subset of your local printers.
defined on the system you may be able to use <a href="smb.conf.5.html#printcapname"><strong>"printcap name =
lpstat"</strong></a> to automatically obtain a list of
printers. See the <a href="smb.conf.5.html#printcapname"><strong>"printcap name"</strong></a> option for
-more detils.
+more details.
<p><br></ul>
<p><br><a name="PARAMETERS"></a>
<h2>PARAMETERS</h2>
<p><br>Parameters define the specific attributes of sections.
<p><br>Some parameters are specific to the <a href="smb.conf.5.html#global"><strong>[global]</strong></a> section
-(eg., <a href="smb.conf.5.html#security"><strong>security</strong></a>). Some parameters are usable in
-all sections (eg., <a href="smb.conf.5.html#createmode"><strong>create mode</strong></a>). All others are
+(e.g., <a href="smb.conf.5.html#security"><strong>security</strong></a>). Some parameters are usable in
+all sections (e.g., <a href="smb.conf.5.html#createmode"><strong>create mode</strong></a>). All others are
permissible only in normal sections. For the purposes of the following
descriptions the <a href="smb.conf.5.html#homes"><strong>[homes]</strong></a> and
<a href="smb.conf.5.html#printers"><strong>[printers]</strong></a> sections will be considered normal.
indicates that a parameter can be specified in a service specific
section. Note that all <code>'S'</code> parameters can also be specified in the
<a href="smb.conf.5.html#global"><strong>[global]</strong></a> section - in which case they will define
-the default behaviour for all services.
+the default behavior for all services.
<p><br>Parameters are arranged here in alphabetical order - this may not
create best bedfellows, but at least you can find them! Where there
are synonyms, the preferred synonym is described, others refer to the
<li > <strong>%d</strong> = The process id of the current server process.
<p><br><a name="percenta"></a>
<li > <strong>%a</strong> = the architecture of the remote
-machine. Only some are recognised, and those may not be 100%
-reliable. It currently recognises Samba, WfWg, WinNT and
+machine. Only some are recognized, and those may not be 100%
+reliable. It currently recognizes Samba, WfWg, WinNT and
Win95. Anything else will be known as "UNKNOWN". If it gets it wrong
then sending a level 3 log to <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>
should allow it to be fixed.
<p><br>This specifies what type of server <a href="nmbd.8.html"><strong>nmbd</strong></a> will
announce itself as, to a network neighborhood browse list. By default
this is set to Windows NT. The valid options are : "NT", "Win95" or
-"WfW" meaining Windows NT, Windows 95 and Windows for Workgroups
+"WfW" meaning Windows NT, Windows 95 and Windows for Workgroups
respectively. Do not change this parameter unless you have a specific
need to stop Samba appearing as an NT server as this may prevent Samba
servers from participating as browser servers correctly.
parameter. This restricts the networks that <a href="smbd.8.html"><strong>smbd</strong></a>
will serve to packets coming in those interfaces. Note that you
should not use this parameter for machines that are serving PPP or
-other intermittant or non-broadcast network interfaces as it will not
+other intermittent or non-broadcast network interfaces as it will not
cope with non-permanent interfaces.
<p><br>In addition, to change a users SMB password, the
<a href="smbpasswd.8.html"><strong>smbpasswd</strong></a> by default connects to the
<p><br><strong>Example:</strong>
<code> blocking locks = False</code>
<p><br><a name="browsable"></a>
-<li><strong><strong>broweable (S)</strong></strong>
-<p><br>This controls whether this share is seen in the list of available
-shares in a net view and in the browse list.
-<p><br><strong>Default:</strong>
-<code> browsable = Yes</code>
-<p><br><strong>Example:</strong>
-<code> browsable = No</code>
+<li><strong><strong>browseable (S)</strong></strong>
+<p><br>Synonym for <a href="smb.conf.5.html#browseable"><strong>browseable</strong></a>.
<p><br><a name="browselist"></a>
<li><strong><strong>browse list(G)</strong></strong>
<p><br>This controls whether <a href="smbd.8.html"><strong>smbd</strong></a> will serve a browse
<code> browse list = Yes</code>
<p><br><a name="browseable"></a>
<li><strong><strong>browseable</strong></strong>
-<p><br>Synonym for <a href="smb.conf.5.html#browsable"><strong>browsable</strong></a>.
+<p><br>This controls whether this share is seen in the list of available
+shares in a net view and in the browse list.
+<p><br><strong>Default:</strong>
+<code> browseable = Yes</code>
+<p><br><strong>Example:</strong>
+<code> browseable = No</code>
<p><br><a name="casesensitive"></a>
<li><strong><strong>case sensitive (G)</strong></strong>
<p><br>See the discussion in the section <a href="smb.conf.5.html#NAMEMANGLING"><strong>NAME MANGLING</strong></a>.
(1)</strong></a>, tell <a href="smbd.8.html"><strong>smbd</strong></a> how
to map lower to upper case characters to provide the case insensitivity
of filenames that Windows clients expect.
-<p><br>Samba currenly ships with the following code page files :
+<p><br>Samba currently ships with the following code page files :
<p><br><ul>
<p><br><li > <strong>Code Page 437 - MS-DOS Latin US</strong>
<p><br><li > <strong>Code Page 737 - Windows '95 Greek</strong>
Shift-JIS to JUNET code with different shift-in, shift out codes.
<p><br><li > <strong>EUC</strong> Convert an incoming Shift-JIS character to EUC code.
<p><br><li > <strong>HEX</strong> Convert an incoming Shift-JIS character to a 3 byte hex
-representation, ie. <code>:AB</code>.
+representation, i.e. <code>:AB</code>.
<p><br><li > <strong>CAP</strong> Convert an incoming Shift-JIS character to the 3 byte hex
-representation used by the Columbia Appletalk Program (CAP),
-ie. <code>:AB</code>. This is used for compatibility between Samba and CAP.
+representation used by the Columbia AppleTalk Program (CAP),
+i.e. <code>:AB</code>. This is used for compatibility between Samba and CAP.
<p><br></ul>
<p><br><a name="comment"></a>
<li><strong><strong>comment (S)</strong></strong>
<p><br><a name="createmask"></a>
<li><strong><strong>create mask (S)</strong></strong>
<p><br>A synonym for this parameter is <a href="smb.conf.5.html#createmode"><strong>'create mode'</strong></a>.
-<p><br>When a file is created, the neccessary permissions are calculated
+<p><br>When a file is created, the necessary permissions are calculated
according to the mapping from DOS modes to UNIX permissions, and the
resulting UNIX mode is then bit-wise 'AND'ed with this parameter.
This parameter may be thought of as a bit-wise MASK for the UNIX modes
delete any files and directories within the vetoed directory. This can
be useful for integration with file serving systems such as <strong>NetAtalk</strong>,
which create meta-files within directories you might normally veto
-DOS/Windows users from seeing (eg. <code>.AppleDouble</code>)
+DOS/Windows users from seeing (e.g. <code>.AppleDouble</code>)
<p><br>Setting <code>'delete veto files = True'</code> allows these directories to be
transparently deleted when the parent directory is deleted (so long
as the user has permissions to do so).
return value can give the block size in bytes. The default blocksize
is 1024 bytes.
<p><br>Note: Your script should <em>NOT</em> be setuid or setgid and should be
-owned by (and writable only by) root!
+owned by (and writeable only by) root!
<p><br><strong>Default:</strong>
<code> By default internal routines for determining the disk capacity
and remaining space will be used.</code>
<li><strong><strong>directory mask (S)</strong></strong>
<p><br>This parameter is the octal modes which are used when converting DOS
modes to UNIX modes when creating UNIX directories.
-<p><br>When a directory is created, the neccessary permissions are calculated
+<p><br>When a directory is created, the necessary permissions are calculated
according to the mapping from DOS modes to UNIX permissions, and the
resulting UNIX mode is then bit-wise 'AND'ed with this parameter.
This parameter may be thought of as a bit-wise MASK for the UNIX modes
directory to modify it.
<p><br>Following this Samba will bit-wise 'OR' the UNIX mode created from
this parameter with the value of the "force directory mode"
-parameter. This parameter is set to 000 by default (ie. no extra mode
+parameter. This parameter is set to 000 by default (i.e. no extra mode
bits are added).
<p><br>See the <a href="smb.conf.5.html#forcedirectorymode"><strong>"force directory mode"</strong></a> parameter
to cause particular mode bits to always be set on created directories.
<p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished
Samba NT Domain Controller Code. It may be removed in a later release.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list <strong>Samba-ntdom</strong> available by sending email to
<a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a>
<p><br><a name="domainadminusers"></a>
<p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished
Samba NT Domain Controller Code. It may be removed in a later release.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list <strong>Samba-ntdom</strong> available by sending email to
<a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a>
<p><br><a name="domaincontroller"></a>
<p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished
Samba NT Domain Controller Code. It may be removed in a later release.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list <strong>Samba-ntdom</strong> available by sending email to
<a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a>
<p><br><a name="domainguestgroup"></a>
<p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished
Samba NT Domain Controller Code. It may be removed in a later release.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list <strong>Samba-ntdom</strong> available by sending email to
<a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a>
<p><br><a name="domainguestusers"></a>
<p><br>This is an <strong>EXPERIMENTAL</strong> parameter that is part of the unfinished
Samba NT Domain Controller Code. It may be removed in a later release.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list <strong>Samba-ntdom</strong> available by sending email to
<a href="mailto:listproc@samba.anu.edu.au"><em>listproc@samba.anu.edu.au</em></a>
<p><br><a name="domainlogons"></a>
Samba documentation directory <code>docs/</code> shipped with the source code.
<p><br>Note that Win95/98 Domain logons are <em>NOT</em> the same as Windows
NT Domain logons. NT Domain logons require a Primary Domain Controller
-(PDC) for the Domain. It is inteded that in a future release Samba
+(PDC) for the Domain. It is intended that in a future release Samba
will be able to provide this functionality for Windows NT clients
also.
<p><br><strong>Default:</strong>
<p><br><a name="domainmaster"></a>
<li><strong><strong>domain master (G)</strong></strong>
<p><br>Tell <a href="nmbd.8.html"><strong>nmbd</strong></a> to enable WAN-wide browse list
-collation.Setting this option causes <a href="nmbd.8.html"><strong>nmbd</strong></a> to
+collation. Setting this option causes <a href="nmbd.8.html"><strong>nmbd</strong></a> to
claim a special domain specific NetBIOS name that identifies it as a
domain master browser for its given
<a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a>. Local master browsers in the same
<p><br>Note that Windows NT Primary Domain Controllers expect to be able to
claim this <a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> specific special NetBIOS
name that identifies them as domain master browsers for that
-<a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> by default (ie. there is no way to
+<a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> by default (i.e. there is no way to
prevent a Windows NT PDC from attempting to do this). This means that
if this parameter is set and <a href="nmbd.8.html"><strong>nmbd</strong></a> claims the
special name for a <a href="smb.conf.5.html#workgroup"><strong>workgroup</strong></a> before a Windows NT
<code> domain master = no</code>
<p><br><a name="dontdescend"></a>
<li><strong><strong>dont descend (S)</strong></strong>
-<p><br>There are certain directories on some systems (eg., the <code>/proc</code> tree
+<p><br>There are certain directories on some systems (e.g., the <code>/proc</code> tree
under Linux) that are either not of interest to clients or are
infinitely deep (recursive). This parameter allows you to specify a
comma-delimited list of directories that the server should always show
<code> dont descend = /proc,/dev</code>
<p><br><a name="dosfiletimeresolution"></a>
<li><strong><strong>dos filetime resolution (S)</strong></strong>
-<p><br>Under the DOS and Windows FAT filesystem, the finest granulatity on
+<p><br>Under the DOS and Windows FAT filesystem, the finest granularity on
time resolution is two seconds. Setting this parameter for a share
causes Samba to round the reported time down to the nearest two second
boundary when a query call that requires one second resolution is made
or root may change the timestamp. By default, Samba runs with POSIX
semantics and refuses to change the timestamp on a file if the user
smbd is acting on behalf of is not the file owner. Setting this option
-to True allows DOS semantics and smbd will change the file timstamp as
+to True allows DOS semantics and smbd will change the file timestamp as
DOS requires.
<p><br><strong>Default:</strong>
<code> dos filetimes = False</code>
particular share. Setting this parameter to <em>"No"</em> prevents any file
or directory that is a symbolic link from being followed (the user
will get an error). This option is very useful to stop users from
-adding a symbolic link to <code>/etc/pasword</code> in their home directory for
+adding a symbolic link to <code>/etc/passwd</code> in their home directory for
instance. However it will slow filename lookups down slightly.
-<p><br>This option is enabled (ie. <a href="smbd.8.html"><strong>smbd</strong></a> will follow
+<p><br>This option is enabled (i.e. <a href="smbd.8.html"><strong>smbd</strong></a> will follow
symbolic links) by default.
<p><br><a name="forcecreatemode"></a>
<li><strong><strong>force create mode (S)</strong></strong>
<p><br>This parameter specifies a set of UNIX mode bit permissions that will
<em>*always*</em> be set on a file created by Samba. This is done by
bitwise 'OR'ing these bits onto the mode bits of a file that is being
-created. The default for this parameter is (in octel) 000. The modes
+created. The default for this parameter is (in octal) 000. The modes
in this parameter are bitwise 'OR'ed onto the file mode after the mask
set in the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> parameter is applied.
<p><br>See also the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> for details
<p><br>This parameter specifies a set of UNIX mode bit permissions that will
<em>*always*</em> be set on a directory created by Samba. This is done by
bitwise 'OR'ing these bits onto the mode bits of a directory that is
-being created. The default for this parameter is (in octel) 0000 which
+being created. The default for this parameter is (in octal) 0000 which
will not add any extra permission bits to a created directory. This
operation is done after the mode mask in the parameter
<a href="smb.conf.5.html#directorymask"><strong>"directory mask"</strong></a> is applied.
<code> fstype = Samba</code>
<p><br><a name="getwdcache"></a>
<li><strong><strong>getwd cache (G)</strong></strong>
-<p><br>This is a tuning option. When this is enabled a cacheing algorithm
+<p><br>This is a tuning option. When this is enabled a caching algorithm
will be used to reduce the time taken for getwd() calls. This can have
a significant impact on performance, especially when the
<a href="smb.conf.5.html#widelinks"><strong>widelinks</strong></a> parameter is set to False.
<p><br>Each entry in the list must be separated by a <code>'/'</code>, which allows
spaces to be included in the entry. <code>'*'</code> and <code>'?'</code> can be used
to specify multiple files or directories as in DOS wildcards.
-<p><br>Each entry must be a unix path, not a DOS path and must not include the
-unix directory separator <code>'/'</code>.
+<p><br>Each entry must be a Unix path, not a DOS path and must not include the
+Unix directory separator <code>'/'</code>.
<p><br>Note that the case sensitivity option is applicable in hiding files.
<p><br>Setting this parameter will affect the performance of Samba, as it
will be forced to check all files and directories for a match as they
<p><br>Kernel oplocks support allows Samba <a href="smb.conf.5.html#oplocks"><strong>oplocks</strong></a> to be
broken whenever a local UNIX process or NFS operation accesses a file
that <a href="smbd.8.html"><strong>smbd</strong></a> has oplocked. This allows complete
-data consistancy between SMB/CIFS, NFS and local file access (and is a
+data consistency between SMB/CIFS, NFS and local file access (and is a
<em>very</em> cool feature :-).
<p><br>This parameter defaults to <em>"On"</em> on systems that have the support,
and <em>"off"</em> on systems that don't. You should never need to touch
<a href="smb.conf.5.html#printers"><strong>"printers"</strong></a> section for more details.
<p><br><strong>Default:</strong>
<code> load printers = yes</code>
-<p><br>bg(Example:)
+<p><br><strong>Example:</strong>
<code> load printers = no</code>
<p><br><a name="localmaster"></a>
<li><strong><strong>local master (G)</strong></strong>
client. The share must be writeable when the logs in for the first
time, in order that the Windows 95/98 client can create the user.dat
and other directories.
-<p><br>Thereafter, the directories and any of contents can, if required, be
-made read-only. It is not adviseable that the USER.DAT file be made
+<p><br>Thereafter, the directories and any of the contents can, if required, be
+made read-only. It is not advisable that the USER.DAT file be made
read-only - rename it to USER.MAN to achieve the desired effect (a
<em>MAN</em>datory profile).
<p><br>Windows clients can sometimes maintain a connection to the [homes]
share, even though there is no user logged in. Therefore, it is vital
that the logon path does not include a reference to the homes share
-(i.e setting this parameter to <code>\\%N\HOMES\profile_path</code> will cause
+(i.e. setting this parameter to <code>\\%N\HOMES\profile_path</code> will cause
problems).
<p><br>This option takes the standard substitutions, allowing you to have
separate logon scripts for each user or machine.
<p><br><code>/usr/local/samba/netlogon/STARTUP.BAT</code>
<p><br>The contents of the batch file is entirely your choice. A suggested
command would be to add <code>NET TIME \\SERVER /SET /YES</code>, to force every
-machine to synchronise clocks with the same time server. Another use
+machine to synchronize clocks with the same time server. Another use
would be to add <code>NET USE U: \\SERVER\UTILS</code> for commonly used
utilities, or <code>NET USE Q: \\SERVER\ISO9001_QA</code> for example.
<p><br>Note that it is particularly important not to allow write access to
previous identical <strong>lpq</strong> command will be used if the cached data is
less than 10 seconds old. A large value may be advisable if your
<strong>lpq</strong> command is very slow.
-<p><br>A value of 0 will disable cacheing completely.
+<p><br>A value of 0 will disable caching completely.
<p><br>See also the <a href="smb.conf.5.html#printing"><strong>"printing"</strong></a> parameter.
<p><br><strong>Default:</strong>
<code> lpq cache time = 10</code>
<p><br>See the section on <a href="smb.conf.5.html#NAMEMANGLING"><strong>"NAME MANGLING"</strong></a>.
<p><br><a name="mangledmap"></a>
<li><strong><strong>mangled map (S)</strong></strong>
-<p><br>This is for those who want to directly map UNIX file names which are
-not representable on Windows/DOS. The mangling of names is not always
+<p><br>This is for those who want to directly map UNIX file names which can
+not be represented on Windows/DOS. The mangling of names is not always
what is needed. In particular you may have documents with file
extensions that differ between DOS and UNIX. For example, under UNIX
it is common to use <code>".html"</code> for HTML files, whereas under
<p><br>So to map <code>"html"</code> to <code>"htm"</code> you would use:
<p><br><code> mangled map = (*.html *.htm)</code>
<p><br>One very useful case is to remove the annoying <code>";1"</code> off the ends
-of filenames on some CDROMS (only visible under some UNIXes). To do
+of filenames on some CDROMS (only visible under some UNIXs). To do
this use a map of (*;1 *).
<p><br><strong>default:</strong>
<code> no mangled map</code>
source code, documents, etc...
<p><br>Note that this requires the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a>
parameter to be set such that owner execute bit is not masked out
-(ie. it must include 100). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create
+(i.e. it must include 100). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create
mask"</strong></a> for details.
<p><br><strong>Default:</strong>
<code> map archive = yes</code>
<p><br>This controls whether DOS style hidden files should be mapped to the
UNIX world execute bit.
<p><br>Note that this requires the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> to be
-set such that the world execute bit is not masked out (ie. it must
+set such that the world execute bit is not masked out (i.e. it must
include 001). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a>
for details.
<p><br><strong>Default:</strong>
<p><br>This controls whether DOS style system files should be mapped to the
UNIX group execute bit.
<p><br>Note that this requires the <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a> to be
-set such that the group execute bit is not masked out (ie. it must
+set such that the group execute bit is not masked out (i.e. it must
include 010). See the parameter <a href="smb.conf.5.html#createmask"><strong>"create mask"</strong></a>
for details.
<p><br><strong>Default:</strong>
<p><br><a name="maptoguest"></a>
<li><strong><strong>map to guest (G)</strong></strong>
<p><br>This parameter is only useful in <a href="smb.conf.5.html#security"><strong>security</strong></a> modes
-other than <a href="smb.conf.5.html#securityequalshare"><strong>"security=share"</strong></a> - ie. user,
+other than <a href="smb.conf.5.html#securityequalshare"><strong>"security=share"</strong></a> - i.e. user,
server, and domain.
<p><br>This parameter can take three different values, which tell
<a href="smbd.8.html"><strong>smbd</strong></a> what to do with user login requests that
<p><br><li > <strong>"Bad Password"</strong> - Means user logins with an invalid
password are treated as a guest login and mapped into the
<a href="smb.conf.5.html#guestaccount"><strong>"guest account"</strong></a>. Note that this can
-cause problems as it means that any user mistyping their
+cause problems as it means that any user incorrectly typing their
password will be silently logged on a <strong>"guest"</strong> - and
will not know the reason they cannot access files they think
they should - there will have been no message given to them
<p><br>This parameter limits the maximum number of open files that one
<a href="smbd.8.html"><strong>smbd</strong></a> file serving process may have open for
a client at any one time. The default for this parameter is set
-very high (10,000) as Samba uses only one bit per un-opened file.
+very high (10,000) as Samba uses only one bit per unopened file.
<p><br>The limit of the number of open files is usually set by the
UNIX per-process file descriptor limit rather than this parameter
so you should never need to touch this parameter.
<code> nis homedir = true</code>
<p><br><a name="ntpipesupport"></a>
<li><strong><strong>nt pipe support (G)</strong></strong>
-<p><br>This boolean parameter controlls whether <a href="smbd.8.html"><strong>smbd</strong></a>
+<p><br>This boolean parameter controls whether <a href="smbd.8.html"><strong>smbd</strong></a>
will allow Windows NT clients to connect to the NT SMB specific
<code>IPC$</code> pipes. This is a developer debugging option and can be left
alone.
<code> nt pipe support = yes</code>
<p><br><a name="ntsmbsupport"></a>
<li><strong><strong>nt smb support (G)</strong></strong>
-<p><br>This boolean parameter controlls whether <a href="smbd.8.html"><strong>smbd</strong></a>
+<p><br>This boolean parameter controls whether <a href="smbd.8.html"><strong>smbd</strong></a>
will negotiate NT specific SMB support with Windows NT
clients. Although this is a developer debugging option and should be
left alone, benchmarking has discovered that Windows NT clients give
<li><strong><strong>oplocks (S)</strong></strong>
<p><br>This boolean option tells smbd whether to issue oplocks (opportunistic
locks) to file open requests on this share. The oplock code can
-dramatically (approx 30% or more) improve the speed of access to files
-on Samba servers. It allows the clients to agressively cache files
+dramatically (approx. 30% or more) improve the speed of access to files
+on Samba servers. It allows the clients to aggressively cache files
locally and you may want to disable this option for unreliable network
environments (it is turned on by default in Windows NT Servers). For
more information see the file Speed.txt in the Samba docs/ directory.
<p><br>Oplocks may be selectively turned off on certain files on a per share basis.
-See the 'veto oplock files' parameter. On some systems oplocks are recognised
-by the underlying operating system. This allows data synchronisation between
+See the 'veto oplock files' parameter. On some systems oplocks are recognized
+by the underlying operating system. This allows data synchronization between
all access to oplocked files, whether it be via Samba or NFS or a local
UNIX process. See the <a href="smb.conf.5.html#kerneloplocks"><strong>kernel oplocks</strong></a> parameter
for details.
<p><br>This is a Samba developer option that allows a system command to be
called when either <a href="smbd.8.html"><strong>smbd</strong></a> or
<a href="nmbd.8.html"><strong>nmbd</strong></a> crashes. This is usually used to draw
-attention to the fact that a problem occured.
+attention to the fact that a problem occurred.
<p><br><strong>Default:</strong>
<code> panic action = <empty string></code>
<p><br><a name="passwdchat"></a>
<li><strong><strong>passwd program (G)</strong></strong>
<p><br>The name of a program that can be used to set UNIX user passwords.
Any occurrences of <a href="smb.conf.5.html#percentu"><strong>%u</strong></a> will be replaced with the
-user name. The user name is checked for existance before calling the
+user name. The user name is checked for existence before calling the
password changing program.
<p><br>Also note that many passwd programs insist in <em>"reasonable"</em>
passwords, such as a minimum length, or the inclusion of mixed case
<p><br><em>Note</em> that if the <a href="smb.conf.5.html#unixpasswordsync"><strong>"unix password sync"</strong></a>
parameter is set to <code>"True"</code> then this program is called <em>*AS
ROOT*</em> before the SMB password in the
-<a href="smbpasswd.5.html"><strong>smbpassswd</strong></a> file is changed. If this UNIX
+<a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file is changed. If this UNIX
password change fails, then <a href="smbd.8.html"><strong>smbd</strong></a> will fail to
change the SMB password also (this is by design).
<p><br>If the <a href="smb.conf.5.html#unixpasswordsync"><strong>"unix password sync"</strong></a> parameter is
<p><br>If the <a href="smb.conf.5.html#security"><strong>"security"</strong></a> parameter is set to
<strong>"domain"</strong>, then the list of machines in this option must be a list
of Primary or Backup Domain controllers for the
-<a href="smb.conf.5.html#workgroup"><strong>Domain</strong></a>, as the Samba server is cryptographically
-in that domain, and will use crpytographically authenticated RPC calls
+<a href="smb.conf.5.html#workgroup"><strong>Domain</strong></a>, as the Samba server is cryptographicly
+in that domain, and will use cryptographicly authenticated RPC calls
to authenticate the user logging on. The advantage of using
<a href="smb.conf.5.html#securityequaldomain"><strong>"security=domain"</strong></a> is that if you list
several hosts in the <strong>"password server"</strong> option then
where print data will spool prior to being submitted to the host for
printing.
<p><br>For a printable service offering guest access, the service should be
-readonly and the path should be world-writable and have the sticky bit
+readonly and the path should be world-writeable and have the sticky bit
set. This is not mandatory of course, but you probably won't get the
results you expect if you do otherwise.
<p><br>Any occurrences of <a href="smb.conf.5.html#percentu"><strong>%u</strong></a> in the path will be replaced
<p><br>If there is neither a specified print command for a printable service
nor a global print command, spool files will be created but not
processed and (most importantly) not removed.
-<p><br>Note that printing may fail on some UNIXes from the <code>"nobody"</code>
+<p><br>Note that printing may fail on some UNIXs from the <code>"nobody"</code>
account. If this happens then create an alternative guest account that
can print and set the <a href="smb.conf.5.html#guestaccount"><strong>"guest account"</strong></a> in the
<a href="smb.conf.5.html#global"><strong>"[global]"</strong></a> section.
-<p><br>You can form quite complex print commands by realising that they are
+<p><br>You can form quite complex print commands by realizing that they are
just passed to a shell. For example the following will log a print
job, print the file, then remove it. Note that <code>';'</code> is the usual
separator for command in shell scripts.
<li><strong><strong>queueresume command (S)</strong></strong>
<p><br>This parameter specifies the command to be executed on the server host
in order to resume the printerqueue. It is the command to undo the
-behaviour that is caused by the previous parameter
+behavior that is caused by the previous parameter
(<a href="smb.conf.5.html#queuepausecommand"><strong>"queuepause command</strong></a>).
<p><br>This command should be a program or script which takes a printer name
as its only parameter and resumes the printerqueue, such that queued
<p><br><a name="readonly"></a>
<li><strong><strong>read only (S)</strong></strong>
<p><br>Note that this is an inverted synonym for
-<a href="smb.conf.5.html#writable"><strong>"writable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write ok"</strong></a>.
-<p><br>See also <a href="smb.conf.5.html#writable"><strong>"writable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write
+<a href="smb.conf.5.html#writeable"><strong>"writeable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write ok"</strong></a>.
+<p><br>See also <a href="smb.conf.5.html#writeable"><strong>"writeable"</strong></a> and <a href="smb.conf.5.html#writeok"><strong>"write
ok"</strong></a>.
<p><br><a name="readprediction"></a>
<li><strong><strong>read prediction (G)</strong></strong>
<p><br><a name="remotebrowsesync"></a>
<li><strong><strong>remote browse sync (G)</strong></strong>
<p><br>This option allows you to setup <a href="nmbd.8.html"><strong>nmbd</strong></a> to
-periodically request synchronisation of browse lists with the master
+periodically request synchronization of browse lists with the master
browser of a samba server that is on a remote segment. This option
will allow you to gain browse lists for multiple workgroups across
routed networks. This is done in a manner that does not work with any
<p><br>For example:
<p><br><code> remote browse sync = 192.168.2.255 192.168.4.255</code>
<p><br>the above line would cause <a href="nmbd.8.html"><strong>nmbd</strong></a> to request the
-master browser on the specified subnets or addresses to synchronise
+master browser on the specified subnets or addresses to synchronize
their browse lists with the local server.
<p><br>The IP addresses you choose would normally be the broadcast addresses
of the remote networks, but can also be the IP addresses of known
<p><br>Synonym for <a href="smb.conf.5.html#rootdirectory"><strong>"root directory"</strong></a>.
<p><br><a name="rootdirectory"></a>
<li><strong><strong>root directory (G)</strong></strong>
-<p><br>The server will <code>"chroot()"</code> (ie. Change it's root directory) to
+<p><br>The server will <code>"chroot()"</code> (i.e. Change it's root directory) to
this directory on startup. This is not strictly necessary for secure
operation. Even without it the server will deny access to files not in
one of the service entries. It may also check for, and deny access to,
<li><strong><strong>root preexec (S)</strong></strong>
<p><br>This is the same as the <a href="smb.conf.5.html#preexec"><strong>"preexec"</strong></a> parameter except
that the command is run as root. This is useful for mounting
-filesystems (such as cdroms) before a connection is finalised.
+filesystems (such as cdroms) before a connection is finalized.
<p><br>See also <a href="smb.conf.5.html#preexec"><strong>"preexec"</strong></a>.
<p><br><a name="security"></a>
<li><strong><strong>security (G)</strong></strong>
<p><br>In previous versions of Samba the default was
<a href="smb.conf.5.html#securityequalshare"><strong>"security=share"</strong></a> mainly because that was
the only option at one stage.
-<p><br>There is a bug in WfWg that has relevence to this setting. When in
+<p><br>There is a bug in WfWg that has relevance to this setting. When in
user or server level security a WfWg client will totally ignore the
password you type in the "connect drive" dialog box. This makes it
very difficult (if not impossible) to connect to a Samba service as
difficult to setup guest shares with
<a href="smb.conf.5.html#securityequaluser"><strong>security=user</strong></a>, see the <a href="smb.conf.5.html#maptoguest"><strong>"map to
guest"</strong></a>parameter for details.
-<p><br>It is possible to use <a href="smbd.8.html"><strong>smbd</strong></a> in a <em>"hybred
+<p><br>It is possible to use <a href="smbd.8.html"><strong>smbd</strong></a> in a <em>"hybrid
mode"</em> where it is offers both user and share level security under
different <a href="smb.conf.5.html#netbiosaliases"><strong>NetBIOS aliases</strong></a>. See the
<a href="smb.conf.5.html#netbiosaliases"><strong>NetBIOS aliases</strong></a> and the
are then applied and may change the UNIX user to use on this
connection, but only after the user has been successfully
authenticated.
-<p><br><em>Note</em> that the the name of the resource being requested is
+<p><br><em>Note</em> that the name of the resource being requested is
<em>*not*</em> sent to the server until after the server has successfully
authenticated the client. This is why guest shares don't work in user
level security without allowing the server to automatically map unknown
the same as <a href="smb.conf.5.html#securityequaluser"><strong>"security=user"</strong></a>. It only
affects how the server deals with the authentication, it does not in
any way affect what the client sees.
-<p><br><em>Note</em> that the the name of the resource being requested is
+<p><br><em>Note</em> that the name of the resource being requested is
<em>*not*</em> sent to the server until after the server has successfully
authenticated the client. This is why guest shares don't work in server
level security without allowing the server to automatically map unknown
the same as <a href="smb.conf.5.html#securityequaluser"><strong>"security=user"</strong></a>. It only
affects how the server deals with the authentication, it does not in
any way affect what the client sees.
-<p><br><em>Note</em> that the the name of the resource being requested is
+<p><br><em>Note</em> that the name of the resource being requested is
<em>*not*</em> sent to the server until after the server has successfully
authenticated the client. This is why guest shares don't work in domain
level security without allowing the server to automatically map unknown
set usernames. The communication with a Domain Controller
must be done in UNICODE and Samba currently does not widen
multi-byte user names to UNICODE correctly, thus a multi-byte
-username will not be recognised correctly at the Domain Controller.
+username will not be recognized correctly at the Domain Controller.
This issue will be addressed in a future release.
<p><br>See also the section <a href="smb.conf.5.html#NOTEABOUTUSERNAMEPASSWORDVALIDATION"><strong>"NOTE ABOUT USERNAME/PASSWORD
VALIDATION"</strong></a>.
<code> set directory = yes</code>
<p><br><a name="sharemodes"></a>
<li><strong><strong>share modes (S)</strong></strong>
-<p><br>This enables or disables the honouring of the <code>"share modes"</code> during a
+<p><br>This enables or disables the honoring of the <code>"share modes"</code> during a
file open. These modes are used by clients to gain exclusive read or
write access to a file.
<p><br>These open modes are not directly supported by UNIX, so they are
appropriate documentation for your operating system first (perhaps
<strong>"man setsockopt"</strong> will help).
<p><br>You may find that on some systems Samba will say "Unknown socket
-option" when you supply an option. This means you either mis-typed it
-or you need to add an include file to includes.h for your OS. If the
-latter is the case please send the patch to
+option" when you supply an option. This means you either incorrectly
+typed it or you need to add an include file to includes.h for your OS.
+If the latter is the case please send the patch to
<a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>.
<p><br>Any of the supported socket options may be combined in any way you
like, as long as your OS allows it.
<p><br><em>Note</em> that for export control reasons this code is <em>**NOT**</em>
enabled by default in any current binary version of Samba.
<p><br>This variable defines where to look up the Certification
-Autorities. The given directory should contain one file for each CA
+Authorities. The given directory should contain one file for each CA
that samba will trust. The file name must be the hash value over the
"Distinguished Name" of the CA. How this directory is set up is
explained later in this document. All files within the directory that
certificates of the trusted CAs are collected in one big file and this
variable points to the file. You will probably only use one of the two
ways to define your CAs. The first choice is preferable if you have
-many CAs or want to be flexible, the second is perferable if you only
+many CAs or want to be flexible, the second is preferable if you only
have one CA and want to keep things simple (you won't need to create
the hashed file names). You don't need this variable if you don't
verify client certificates.
<p><br><strong>Default:</strong>
status = yes
<p><br><a name="strictlocking"></a>
-dir(<strong>strict locking (S)</strong>)
+<li><strong><strong>strict locking (S)</strong></strong>
<p><br>This is a boolean that controls the handling of file locking in the
server. When this is set to <code>"yes"</code> the server will check every read and
write access for file locks, and deny access if locks exist. This can
seem to confuse flushing buffer contents to disk with doing a sync to
disk. Under UNIX, a sync call forces the process to be suspended until
the kernel has ensured that all outstanding data in kernel disk
-buffers has been safely stored onto stable storate. This is very slow
+buffers has been safely stored onto stable storage. This is very slow
and should only be done rarely. Setting this parameter to "no" (the
default) means that smbd ignores the Windows applications requests for
a sync call. There is only a possibility of losing data if the
<p><br>See also the <a href="smb.conf.5.html#strictsync"><strong>"strict sync"</strong></a> parameter.
<p><br><strong>Default:</strong>
<code> sync always = no</code>
-<p><br><strong>xample:</strong>
+<p><br><strong>Example:</strong>
<code> sync always = yes</code>
<p><br><a name="syslog"></a>
<li><strong><strong>syslog (G)</strong></strong>
<p><br>This parameter maps how Samba debug messages are logged onto the
system syslog logging levels. Samba debug level zero maps onto syslog
LOG_ERR, debug level one maps onto LOG_WARNING, debug level two maps
-to LOG_NOTICE, debug level three maps onto LOG_INFO. The paramter
+to LOG_NOTICE, debug level three maps onto LOG_INFO. The parameter
sets the threshold for doing the mapping, all Samba debug messages
-above this threashold are mapped to syslog LOG_DEBUG messages.
+above this threshold are mapped to syslog LOG_DEBUG messages.
<p><br><strong>Default:</strong>
<code> syslog = 1</code>
<p><br><a name="syslogonly"></a>
<code> timestamp logs = False</code>
<p><br><a name="unixpasswordsync"></a>
<li><strong><strong>unix password sync (G)</strong></strong>
-<p><br>This boolean parameter controlls whether Samba attempts to synchronise
+<p><br>This boolean parameter controls whether Samba attempts to synchronize
the UNIX password with the SMB password when the encrypted SMB
password in the smbpasswd file is changed. If this is set to true the
program specified in the <a href="smb.conf.5.html#passwdprogram"><strong>"passwd program"</strong></a>
tries all lowercase, followed by the username with the first letter
capitalized, and fails if the username is not found on the UNIX
machine.
-<p><br>If this parameter is set to non-zero the behaviour changes. This
+<p><br>If this parameter is set to non-zero the behavior changes. This
parameter is a number that specifies the number of uppercase
combinations to try whilst trying to determine the UNIX user name. The
higher the number the more combinations will be tried, but the slower
<code> username level = 5</code>
<p><br><a name="usernamemap"></a>
<li><strong><strong>username map (G)</strong></strong>
-<p><br>This option allows you to to specify a file containing a mapping of
+<p><br>This option allows you to specify a file containing a mapping of
usernames from the clients to the server. This can be used for several
purposes. The most common is to map usernames that users use on DOS or
Windows machines to those that the UNIX box uses. The other is to map
<pre>
Samba defaults to using a reasonable set of valid characters
- for english systems
+ for English systems
</pre>
<p><br><strong>Example</strong>
<code> valid chars = 0345:0305 0366:0326 0344:0304</code>
-<p><br>The above example allows filenames to have the swedish characters in
+<p><br>The above example allows filenames to have the Swedish characters in
them.
<p><br>NOTE: It is actually quite difficult to correctly produce a <strong>"valid
chars"</strong> line for a particular system. To automate the process
<p><br><a name="workgroup"></a>
<li><strong><strong>workgroup (G)</strong></strong>
<p><br>This controls what workgroup your server will appear to be in when
-queried by clients. Note that this parameter also controlls the Domain
+queried by clients. Note that this parameter also controls the Domain
name used with the <a href="smb.conf.5.html#securityequaldomain"><strong>"security=domain"</strong></a>
setting.
<p><br><strong>Default:</strong>
<code> set at compile time to WORKGROUP</code>
-<p><br>.B Example:
+<p><br><strong>Example:</strong>
workgroup = MYGROUP
<p><br><a name="writable"></a>
<li><strong><strong>writable (S)</strong></strong>
-<p><br>An inverted synonym is <a href="smb.conf.5.html#readonly"><strong>"read only"</strong></a>.
-<p><br>If this parameter is <code>"no"</code>, then users of a service may not create
-or modify files in the service's directory.
-<p><br>Note that a printable service <a href="smb.conf.5.html#printable"><strong>("printable = yes")</strong></a>
-will <em>*ALWAYS*</em> allow writing to the directory (user privileges
-permitting), but only via spooling operations.
-<p><br><strong>Default:</strong>
-<code> writable = no</code>
-<p><br><strong>Examples:</strong>
-<pre>
-
- read only = no
- writable = yes
- write ok = yes
-
-</pre>
-
+<p><br>Synonym for <a href="smb.conf.5.html#writeable"><strong>"writeable"</strong></a> for people who can't spell :-).
<p><br><a name="writelist"></a>
<li><strong><strong>write list (S)</strong></strong>
<p><br>This is a list of users that are given read-write access to a
<code> write list = admin, root, @staff</code>
<p><br><a name="writeok"></a>
<li><strong><strong>write ok (S)</strong></strong>
-<p><br>Synonym for <a href="smb.conf.5.html#writable"><strong>writable</strong></a>.
+<p><br>Synonym for <a href="smb.conf.5.html#writeable"><strong>writeable</strong></a>.
<p><br><a name="writeraw"></a>
<li><strong><strong>write raw (G)</strong></strong>
<p><br>This parameter controls whether or not the server will support raw
<code> write raw = yes</code>
<p><br><a name="writeable"></a>
<li><strong><strong>writeable</strong></strong>
-<p><br>Synonym for <a href="smb.conf.5.html#writable"><strong>"writable"</strong></a> for people who can't spell :-).
+<p><br>An inverted synonym is <a href="smb.conf.5.html#readonly"><strong>"read only"</strong></a>.
+<p><br>If this parameter is <code>"no"</code>, then users of a service may not create
+or modify files in the service's directory.
+<p><br>Note that a printable service <a href="smb.conf.5.html#printable"><strong>("printable = yes")</strong></a>
+will <em>*ALWAYS*</em> allow writing to the directory (user privileges
+permitting), but only via spooling operations.
+<p><br><strong>Default:</strong>
+<code> writeable = no</code>
+<p><br><strong>Examples:</strong>
+<pre>
+
+ read only = no
+ writeable = yes
+ write ok = yes
+
+</pre>
+
<p><br><a name="WARNINGS"></a>
<h2>WARNINGS</h2>
-<html><head><title>smbclient</title>
+<html><head><title>smbclient (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbclient</h1>
+<h1>smbclient (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
subnet. To specify a particular broadcast address the <a href="smbclient.1.html#minusB"><strong>-B</strong></a> option
may be used.
<p><br></ul>
-<p><br>If this parameter is not set then the name resolver order defined
+<p><br>If this parameter is not set then the name resolve order defined
in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file parameter
<a href="smb.conf.5.html#nameresolveorder">(<strong>name resolve order</strong>)</a>
will be used.
the environment variable <code>USER</code> or <code>LOGNAME</code> in that order. If no
username is supplied and neither environment variable exists the
username "GUEST" will be used.
-<p><br>If the <code>USER</code> environment variable containts a '%' character,
+<p><br>If the <code>USER</code> environment variable contains a '%' character,
everything after that will be treated as a password. This allows you
to set the environment variable to be <code>USER=username%password</code> so
that a password is not passed on the command line (where it may be
Samba source code for the complete list.
<p><br><a name="minusm"></a>
<li><strong><strong>-m max protocol level</strong></strong> With the new code in Samba2.0,
-<strong>smbclient</strong> allways attempts to connect at the maximum
+<strong>smbclient</strong> always attempts to connect at the maximum
protocols level the server supports. This parameter is
preserved for backwards compatibility, but any string
following the <strong>-m</strong> will be ignored.
share. Unless the <a href="smbclient.1.html#minusD"><strong>-D</strong></a> option is given, the tar files will be
restored from the top level of the share. Must be followed by the name
of the tar file, device or <code>"-"</code> for standard input. Mutually exclusive
- with the <strong>c</strong> flag. Restored files have theuir creation times (mtime)
+ with the <strong>c</strong> flag. Restored files have their creation times (mtime)
set to the date saved in the tar file. Directories currently do not
get their creation dates restored properly.
<p><br><li><strong><strong>I</strong></strong> Include files and directories. Is the default
- behaviour when filenames are specified above. Causes tar files to
+ behavior when filenames are specified above. Causes tar files to
be included in an extract or create (and therefore everything else to
be excluded). See example below. Filename globbing does not work for
included files for extractions (yet).
be case sensitive, depending on the command.
<p><br>You can specify file names which have spaces in them by quoting the
name with double quotes, for example "a long file name".
-<p><br>Parameters shown in square brackets (eg., "[parameter]") are
+<p><br>Parameters shown in square brackets (e.g., "[parameter]") are
optional. If not given, the command will use suitable
-defaults. Parameters shown in angle brackets (eg., "<parameter>") are
+defaults. Parameters shown in angle brackets (e.g., "<parameter>") are
required.
<p><br>Note that all commands operating on the server are actually performed
-by issuing a request to the server. Thus the behaviour may vary from
+by issuing a request to the server. Thus the behavior may vary from
server to server, depending on how the server was implemented.
<p><br>The commands available are given here in alphabetical order.
<p><br><ul>
mode to suit either binary data (such as graphical information) or
text. Subsequent print commands will use the currently set print
mode.
-<p><br><a name="prompt"></a> dir(<strong>prompt</strong>) Toggle prompting for filenames during
+<p><br><a name="prompt"></a> <li><strong><strong>prompt</strong></strong> Toggle prompting for filenames during
operation of the <a href="smbclient.1.html#mget"><strong>mget</strong></a> and <a href="smbclient.1.html#mput"><strong>mput</strong></a>
commands.
<p><br>When toggled ON, the user will be prompted to confirm the transfer of
the server. If specified, name the remote copy "remote file name".
Note that all transfers in smbclient are binary. See also the
<a href="smbclient.1.html#lowercase"><strong>lowercase</strong></a> command.
-<p><br><a name="queue"></a> dir(<strong>queue</strong>) Displays the print queue, showing the job
+<p><br><a name="queue"></a> <li><strong><strong>queue</strong></strong> Displays the print queue, showing the job
id, name, size and current status.
<p><br><a name="quit"></a> <li><strong><strong>quit</strong></strong> See the <a href="smbclient.1.html#exit"><strong>exit</strong></a> command.
-<p><br><a name="rd"></a> dir(<strong>rd <directory name></strong>) See the <a href="smbclient.1.html#rmdir"><strong>rmdir</strong></a>
+<p><br><a name="rd"></a> <li><strong><strong>rd <directory name></strong></strong> See the <a href="smbclient.1.html#rmdir"><strong>rmdir</strong></a>
command.
-<p><br><a name="recurse"></a> dir(<strong>recurse</strong>) Toggle directory recursion for the
+<p><br><a name="recurse"></a> <li><strong><strong>recurse</strong></strong> Toggle directory recursion for the
commands <a href="smbclient.1.html#mget"><strong>mget</strong></a> and <a href="smbclient.1.html#mput"><strong>mput</strong></a>.
<p><br>When toggled ON, these commands will process all directories in the
source directory (i.e., the directory they are copying .IR from ) and
<a href="smbclient.1.html#mget"><strong>mget</strong></a> or <a href="smbclient.1.html#mput"><strong>mput</strong></a> commands will be copied,
and any mask specified using the <a href="smbclient.1.html#mask"><strong>mask</strong></a> command will be
ignored.
-<p><br><a name="rm"></a> dir(<strong>rm <mask></strong>) Remove all files matching mask from
+<p><br><a name="rm"></a> <li><strong><strong>rm <mask></strong></strong> Remove all files matching mask from
the current working directory on the server.
<p><br><a name="rmdir"></a> <li><strong><strong>rmdir <directory name></strong></strong> Remove the specified
directory (user access privileges permitting) from the server.
<p><br><a name="tar"></a> <li><strong><strong>tar <c|x>[IXbgNa]</strong></strong> Performs a tar operation - see
-the <a href="smbclient.1.html#minusT"><strong>-T</strong></a> command line option above. Behaviour may be
+the <a href="smbclient.1.html#minusT"><strong>-T</strong></a> command line option above. Behavior may be
affected by the <a href="smbclient.1.html#tarmode"><strong>tarmode</strong></a> command (see below). Using
g (incremental) and N (newer) will affect tarmode settings. Note that
using the "-" option with tar x may not work - use the command line
<p><br><a name="blocksize"></a> <li><strong><strong>blocksize <blocksize></strong></strong> Blocksize. Must be
followed by a valid (greater than zero) blocksize. Causes tar file to
be written out in blocksize*TBLOCK (usually 512 byte) blocks.
-<p><br><a name="tarmode"></a> dir(<strong>tarmode <full|inc|reset|noreset></strong>) Changes tar's
-behaviour with regard to archive bits. In full mode, tar will back up
+<p><br><a name="tarmode"></a> <li><strong><strong>tarmode <full|inc|reset|noreset></strong></strong> Changes tar's
+behavior with regard to archive bits. In full mode, tar will back up
everything regardless of the archive bit setting (this is the default
mode). In incremental mode, tar will only back up files with the
archive bit set. In reset mode, tar will reset the archive bit on all
<h2>NOTES</h2>
<p><br>Some servers are fussy about the case of supplied usernames,
-passwords, share names (aka service names) and machine names. If you
+passwords, share names (AKA service names) and machine names. If you
fail to connect try giving all parameters in uppercase.
<p><br>It is often necessary to use the <a href="smbclient.1.html#minusn"><strong>-n</strong></a> option when connecting to some
types of servers. For example OS/2 LanManager insists on a valid
should be executable by all. The client should <em>NOT</em> be setuid or
setgid!
<p><br>The client log files should be put in a directory readable and
-writable only by the user.
+writeable only by the user.
<p><br>To test the client, you will need to know the name of a running
SMB/CIFS server. It is possible to run <a href="smbd.8.html"><strong>smbd (8)</strong></a>
an ordinary user - running that server as a daemon on a
-<html><head><title>smbd</title>
+<html><head><title>smbd (8)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbd</h1>
+<h1>smbd (8)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<h2>DESCRIPTION</h2>
<p><br>This program is part of the <strong>Samba</strong> suite.
-<p><br><strong>smbd</strong> is the server daemon that provides filesharing services to
+<p><br><strong>smbd</strong> is the server daemon that provides filesharing and printing
+services to
Windows clients. The server provides filespace and printer services to
clients using the SMB (or CIFS) protocol. This is compatible with the
LanManager protocol, and can service LanManager clients. These
Windows NT, OS/2, DAVE for Macintosh, and smbfs for Linux.
<p><br>An extensive description of the services that the server can provide
is given in the man page for the configuration file controlling the
-attributes of those services (see <strong>smb.conf (5)</strong>). This man page
+attributes of those services (see
+<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a>. This man page
will not describe the services, but will concentrate on the
administrative aspects of running the server.
<p><br>Please note that there are significant security implications to
-running this server, and the <strong>smb.conf (5)</strong> manpage should be
+running this server, and the
+<a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> manpage should be
regarded as mandatory reading before proceeding with installation.
<p><br>A session is created whenever a client requests one. Each client gets
a copy of the server for each session. This copy then services all
connections made by the client during that session. When all
-connections from its client are are closed, the copy of the server for
+connections from its client are closed, the copy of the server for
that client terminates.
<p><br>The configuration file, and any files that it includes, are
automatically reloaded every minute, if they change. You can force a
<p><br>This parameter is not normally specified except in the above
situation.
<p><br><a name="minuss"></a>
-<li><strong><strong>-s configuration file</strong></strong> The default configuration file name is
-determined at compile time.
-<p><br>The file specified contains the configuration details required by the
+<li><strong><strong>-s configuration file</strong></strong>
+The file specified contains the configuration details required by the
server. The information in this file includes server-specific
information such as what printcap file to use, as well as descriptions
of all the services that the server is to provide. See <strong>smb.conf
(5)</strong> for more information.
+The default configuration file name is determined at compile time.
<p><br><a name="minusi"></a>
<li><strong><strong>-i scope</strong></strong> This specifies a NetBIOS scope that the server will use
to communicate with when generating NetBIOS names. For details on the
<p><br><strong>/etc/inetd.conf</strong>
<p><br>If the server is to be run by the inetd meta-daemon, this file must
contain suitable startup information for the meta-daemon. See the
-section <em>INSTALLATION</em> below.
+section <a href="smbd.8.html#INSTALLATION">INSTALLATION</a> below.
<p><br><strong>/etc/rc</strong>
-<p><br>(or whatever initialisation script your system uses).
+<p><br>(or whatever initialization script your system uses).
<p><br>If running the server as a daemon at startup, this file will need to
contain an appropriate startup sequence for the server. See the
-section <em>INSTALLATION</em> below.
+section <a href="smbd.8.html#INSTALLATION">INSTALLATION</a> below.
<p><br><strong>/etc/services</strong>
<p><br>If running the server via the meta-daemon inetd, this file must
-contain a mapping of service name (eg., netbios-ssn) to service port
-(eg., 139) and protocol type (eg., tcp). See the section
-<em>INSTALLATION</em> below.
+contain a mapping of service name (e.g., netbios-ssn) to service port
+(e.g., 139) and protocol type (e.g., tcp). See the section
+<a href="smbd.8.html#INSTALLATION">INSTALLATION</a> below.
<p><br><strong>/usr/local/samba/lib/smb.conf</strong>
<p><br>This is the default location of the <em>smb.conf</em> server configuration
file. Other common places that systems install this file are
<em>/usr/samba/lib/smb.conf</em> and <em>/etc/smb.conf</em>.
<p><br>This file describes all the services the server is to make available
-to clients. See <strong>smb.conf (5)</strong> for more information.
+to clients. See <a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> for more information.
<p><br><a name="LIMITATIONS"></a>
<h2>LIMITATIONS</h2>
exists in Linux, as testing on other systems has thus far shown them
to be immune.
<p><br>The server log files should be put in a directory readable and
-writable only by root, as the log files may contain sensitive
+writeable only by root, as the log files may contain sensitive
information.
<p><br>The configuration file should be placed in a directory readable and
-writable only by root, as the configuration file controls security for
+writeable only by root, as the configuration file controls security for
the services offered by the server. The configuration file can be made
readable by all if desired, but this is not necessary for correct
operation of the server and is not recommended. A sample configuration
utilities such as the tcpd TCP-wrapper may be used for extra security.
For serious use as file server it is recommended that <strong>smbd</strong> be run
as a daemon.
-<p><br>When you've decided, continue with either <em>RUNNING THE SERVER AS A
-DAEMON</em> or <em>RUNNING THE SERVER ON REQUEST</em>.
+<p><br>When you've decided, continue with either
+<a href="smbd.8.html#RUNNINGTHESERVERASADAEMON">RUNNING THE SERVER AS A DAEMON</a> or
+<a href="smbd.8.html#RUNNINGTHESERVERONREQUEST">RUNNING THE SERVER ON REQUEST</a>.
<p><br><a name="RUNNINGTHESERVERASADAEMON"></a>
<h2>RUNNING THE SERVER AS A DAEMON</h2>
following line, substituting port number, log file location,
configuration file location and debug level as desired:
<p><br><code>/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb.conf</code>
-<p><br>(The above should appear in your initialisation script as a single line.
+<p><br>(The above should appear in your initialization script as a single line.
Depending on your terminal characteristics, it may not appear that way in
this man page. If the above appears as more than one line, please treat any
newlines or indentation as a single space or TAB character.)
<p><br>If the options used at compile time are appropriate for your system,
-all parameters except the desired debug level and <a href="smbd.8.html#minusD"><strong>-D</strong></a> may be
-omitted. See the section <em>OPTIONS</em> above.
+all parameters except <a href="smbd.8.html#minusD"><strong>-D</strong></a> may be
+omitted. See the section <a href="smbd.8.html#OPTIONS">OPTIONS</a> above.
<p><br><a name="RUNNINGTHESERVERONREQUEST"></a>
<h2>RUNNING THE SERVER ON REQUEST</h2>
-<p><br>If your system uses a meta-daemon such as inetd, you can arrange to
+<p><br>If your system uses a meta-daemon such as <strong>inetd</strong>, you can arrange to
have the smbd server started whenever a process attempts to connect to
it. This requires several changes to the startup files on the host
machine. If you are experimenting as an ordinary user rather than as
[homes]
- writable = yes
+ writeable = yes
[printers]
- writable = no
+ writeable = no
printable = yes
path = /tmp
public = yes
<p><br>If your machine's name is "fred" and your name is "mary", you should
now be able to connect to the service <code>\\fred\mary</code>.
<p><br>To properly test and experiment with the server, we recommend using
-the smbclient program (see <strong>smbclient (1)</strong>) and also going through
+the smbclient program (see
+<a href="smbclient.1.html"><strong>smbclient (1)</strong></a>) and also going through
the steps outlined in the file <em>DIAGNOSIS.txt</em> in the <em>docs/</em>
directory of your Samba installation.
<p><br><a name="VERSION"></a>
<p><br>The number and nature of diagnostics available depends on the debug
level used by the server. If you have problems, set the debug level to
3 and peruse the log files.
-<p><br>Most messages are reasonably self-explanatory. Unfortunately, at time
-of creation of this man page there are too many diagnostics available
+<p><br>Most messages are reasonably self-explanatory. Unfortunately, at the time
+this man page was created, there are too many diagnostics available
in the source code to warrant describing each and every diagnostic. At
this stage your best bet is still to grep the source code and inspect
the conditions that gave rise to the diagnostics you are seeing.
configuration file within a short period of time.
<p><br>To shut down a users smbd process it is recommended that SIGKILL (-9)
<em>NOT</em> be used, except as a last resort, as this may leave the shared
-memory area in an inconsistant state. The safe way to terminate an
+memory area in an inconsistent state. The safe way to terminate an
smbd is to send it a SIGTERM (-15) signal and wait for it to die on
its own.
<p><br>The debug log level of smbd may be raised
<h2>AUTHOR</h2>
<p><br>The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba.anu.edu.au). Samba is now developed
+Andrew Tridgell <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed.
<p><br>The original Samba man pages were written by Karl Auer. The man page
-<html><head><title>smbpasswd</title>
+<html><head><title>smbpasswd (5)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbpasswd</h1>
+<h1>smbpasswd (5)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<p><br>This file is part of the <strong>Samba</strong> suite.
<p><br>smbpasswd is the <strong>Samba</strong> encrypted password file. It contains
-the username, unix user id and the SMB hashed passwords of the
+the username, Unix user id and the SMB hashed passwords of the
user, as well as account flag information and the time the password
was last changed. This file format has been evolving with Samba
and has had several different formats in the past.
<h2>FILE FORMAT</h2>
<p><br>The format of the smbpasswd file used by Samba 2.0 is very similar to
-the familiar unix <strong>passwd (5)</strong> file. It is an ASCII file containing
+the familiar Unix <strong>passwd (5)</strong> file. It is an ASCII file containing
one line for each user. Each field within each line is separated from
the next by a colon. Any entry beginning with # is ignored. The
smbpasswd file contains the following information for each user:
<p><br><a name="uid"></a>
<li><strong><strong>uid</strong></strong> <br> <br>
<p><br>This is the UNIX uid. It must match the uid field for the same
- user entry in the standard UNIX passwd file.
+ user entry in the standard UNIX passwd file. If this does not
+ match then Samba will refuse to recognize this <strong>smbpasswd</strong> file entry
+ as being valid for a user.
<p><br><a name="LanmanPasswordHash"></a>
<li><strong><strong>Lanman Password Hash</strong></strong> <br> <br>
<p><br>This is the <em>LANMAN</em> hash of the users password, encoded as 32 hex
string with the users password as the DES key. This is the same
password used by Windows 95/98 machines. Note that this password hash
is regarded as weak as it is vulnerable to dictionary attacks and if
- two users choose the same password this entry will be identical (ie.
+ two users choose the same password this entry will be identical (i.e.
the password is not <em>"salted"</em> as the UNIX password is). If the
user has a null password this field will contain the characters
<code>"NO PASSWORD"</code> as the start of the hex string. If the hex string
server.
<p><br><em>WARNING !!</em>. Note that, due to the challenge-response nature of the
SMB/CIFS authentication protocol, anyone with a knowledge of this
- password hash will be able to impersonate the user of the network.
+ password hash will be able to impersonate the user on the network.
For this reason these hashes are known as <em>"plain text equivalent"</em>
and must <em>NOT</em> be made available to anyone but the root user. To
protect these passwords the <strong>smbpasswd</strong> file is placed in a
Password Hash</strong></a> as it preserves the case of the
password and uses a much higher quality hashing algorithm. However, it
is still the case that if two users choose the same password this
- entry will be identical (ie. the password is not <em>"salted"</em> as the
+ entry will be identical (i.e. the password is not <em>"salted"</em> as the
UNIX password is).
<p><br><em>WARNING !!</em>. Note that, due to the challenge-response nature of the
SMB/CIFS authentication protocol, anyone with a knowledge of this
- password hash will be able to impersonate the user of the network.
+ password hash will be able to impersonate the user on the network.
For this reason these hashes are known as <em>"plain text equivalent"</em>
and must <em>NOT</em> be made available to anyone but the root user. To
protect these passwords the <strong>smbpasswd</strong> file is placed in a
any of the characters.
<p><br><ul>
<p><br><a name="capU"></a>
- <li > <strong>'U'</strong> This means this is a <em>"User"</em> account, ie. an ordinary
- user. Only <strong>User</strong> and <a href="smbpasswd.5.html#capW"><strong>Worskstation Trust</strong></a> accounts are
+ <li > <strong>'U'</strong> This means this is a <em>"User"</em> account, i.e. an ordinary
+ user. Only <strong>User</strong> and <a href="smbpasswd.5.html#capW"><strong>Workstation Trust</strong></a> accounts are
currently supported in the <strong>smbpasswd</strong> file.
<p><br><a name="capN"></a>
<li > <strong>'N'</strong> This means the account has <em>no</em> password (the passwords
<a href="smb.conf.5.html#nullpasswords"><strong>null passwords</strong></a> parameter is set
in the <a href="smb.conf.5.html"><strong>smb.conf (5)</strong></a> config file.
<p><br><a name="capD"></a>
- <li > <strong>'D'</strong> This means the account is diabled and no SMB/CIFS logins
+ <li > <strong>'D'</strong> This means the account is disabled and no SMB/CIFS logins
will be allowed for this user.
<p><br><a name="capW"></a>
<li > <strong>'W'</strong> This means this account is a <em>"Workstation Trust"</em> account.
<h2>AUTHOR</h2>
<p><br>The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba.anu.edu.au). Samba is now developed
+Andrew Tridgell <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed.
<p><br>The original Samba man pages were written by Karl Auer. The man page
sources were converted to YODL format (another excellent piece of Open
-Source software) and updated for the Samba2.0 release by Jeremy
+Source software, available at
+<a href="ftp://ftp.icce.rug.nl/pub/unix/"><strong>ftp://ftp.icce.rug.nl/pub/unix/</strong></a>)
+and updated for the Samba2.0 release by Jeremy
Allison, <a href="mailto:samba-bugs@samba.anu.edu.au"><em>samba-bugs@samba.anu.edu.au</em></a>.
<p><br>See <a href="samba.7.html"><strong>samba (7)</strong></a> to find out how to get a full
list of contributors and details on how to submit bug reports,
-<html><head><title>smbpasswd</title>
+<html><head><title>smbpasswd (8)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbpasswd</h1>
+<h1>smbpasswd (8)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
sessions on any machines that store SMB passwords.
<p><br>By default (when run with no arguments) it will attempt to change the
current users SMB password on the local machine. This is similar to
-the way the <strong>passwd (1)</strong> program works. <strong>smbpasswd</strong> differs from
+the way the <strong>passwd (1)</strong> program works. <strong>smbpasswd</strong> differs from how
the <strong>passwd</strong> program works however in that it is not <em>setuid root</em>
but works in a client-server mode and communicates with a locally
running <a href="smbd.8.html"><strong>smbd</strong></a>. As a consequence in order for this
typed. If you have a blank smb password (specified by the string "NO
PASSWORD" in the <a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file) then just
press the <Enter> key when asked for your old password.
-<p><br><strong>smbpasswd</strong> also can be used by a normal user to change their SMB
+<p><br><strong>smbpasswd</strong> can also be used by a normal user to change their SMB
password on remote machines, such as Windows NT Primary Domain
Controllers. See the <a href="smbpasswd.8.html#minusr">(<strong>-r</strong>)</a> and
<a href="smbpasswd.8.html#minusU"><strong>-U</strong></a> options below.
<p><br>When run by root, <strong>smbpasswd</strong> allows new users to be added and
deleted in the <a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file, as well as
-changes to the attributes of the user in this file to be made. When
+allows changes to the attributes of the user in this file to be made. When
run by root, <strong>smbpasswd</strong> accesses the local
<a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file directly, thus enabling
changes to be made even if <a href="smbd.8.html"><strong>smbd</strong></a> is not running.
the new password typed (type <Enter> for the old password). This
option is ignored if the username following already exists in the
<a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file and it is treated like a
-regular change password command. Note that the user to be added .B
-must already exist in the system password file (usually /etc/passwd)
+regular change password command. Note that the user to be added
+<strong>must</strong> already exist in the system password file (usually /etc/passwd)
else the request to add the user will fail.
<p><br>This option is only available when running <strong>smbpasswd</strong> as
root.
specified must be the Primary Domain Controller for the domain (Backup
Domain Controllers only have a read-only copy of the user account
database and will not allow the password change).
+<p><br><em>Note</em> that Windows 95/98 do not have a real password database
+so it is not possible to change passwords specifying a Win95/98
+machine as remote machine target.
<p><br><a name="minusR"></a>
<li><strong><strong>-R name resolve order</strong></strong> This option allows the user of
smbclient to determine what name resolution services to use when
<p><br><a name="host"></a>
<li > <strong>host</strong> : Do a standard host name to IP address resolution,
using the system /etc/hosts, NIS, or DNS lookups. This method of name
-resolution is operating system depended for instance on IRIX or
-Solaris this may be controlled by the <em>/etc/nsswitch.conf</em> file).
+resolution is operating system dependent. For instance on IRIX or
+Solaris, this may be controlled by the <em>/etc/nsswitch.conf</em> file).
<p><br><a name="wins"></a>
-<li > <strong>wins</strong> : Query a name with the IP address listed in the <a href="smb.conf.5.html#winsserver"><strong>wins
-server</strong></a> parameter in the smb.conf file. If
+<li > <strong>wins</strong> : Query a name with the IP address listed in the
+<a href="smb.conf.5.html#winsserver"><strong>wins server</strong></a> parameter in the
+<a href="smb.conf.5.html"><strong>smb.conf file</strong></a>. If
no WINS server has been specified this method will be ignored.
<p><br><a name="bcast"></a>
<li > <strong>bcast</strong> : Do a broadcast on each of the known local interfaces
methods as it depends on the target host being on a locally connected
subnet.
<p><br></ul>
-<p><br>If this parameter is not set then the name resolver order defined
+<p><br>If this parameter is not set then the name resolve order defined
in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file parameter
<a href="smb.conf.5.html#nameresolveorder"><strong>name resolve order</strong></a>
will be used.
the machine account password used to create the secure Domain
communication. This password is then stored by <strong>smbpasswd</strong> in a
file, read only by root, called <code><Domain>.<Machine>.mac</code> where
-<code><Domain></code> is the name of the Domain we are joining and tt<Machine>
+<code><Domain></code> is the name of the Domain we are joining and <code><Machine></code>
is the primary NetBIOS name of the machine we are running on.
<p><br>Once this operation has been performed the
<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file may be updated to set the
<li><strong><strong>-h</strong></strong> This option prints the help string for <strong>smbpasswd</strong>,
selecting the correct one for running as root or as an ordinary user.
<p><br><a name="minuss"></a>
-<li><strong><strong>-s</strong></strong> This option causes <strong>smbpasswd</strong> to be silent (ie. not
+<li><strong><strong>-s</strong></strong> This option causes <strong>smbpasswd</strong> to be silent (i.e. not
issue prompts) and to read it's old and new passwords from standard
input, rather than from <code>/dev/tty</code> (like the <strong>passwd (1)</strong> program
does). This option is to aid people writing scripts to drive <strong>smbpasswd</strong>
<p><br><a name="username"></a>
-dir(<strong>username</strong>) This specifies the username for all of the <em>root
+<li><strong><strong>username</strong></strong> This specifies the username for all of the <em>root
only</em> options to operate on. Only root can specify this parameter as
only root has the permission needed to modify attributes directly
in the local <a href="smbpasswd.5.html"><strong>smbpasswd</strong></a> file.
<p><br><a name="NOTES"></a>
<h2>NOTES</h2>
-<p><br>As <strong>smbpasswd</strong> works in client-server mode communicating with a
+<p><br>Since <strong>smbpasswd</strong> works in client-server mode communicating with a
local <a href="smbd.8.html"><strong>smbd</strong></a> for a non-root user then the <strong>smbd</strong>
daemon must be running for this to work. A common problem is to add a
restriction to the hosts that may access the <strong>smbd</strong> running on the
-<html><head><title>smbrun</title>
+<html><head><title>smbrun (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbrun</h1>
+<h1>smbrun (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
-<html><head><title>smbstatus</title>
+<html><head><title>smbstatus (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbstatus</h1>
+<h1>smbstatus (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
-<html><head><title>smbtar</title>
+<html><head><title>smbtar (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>smbtar</h1>
+<h1>smbtar (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
-<html><head><title>swat</title>
+<html><head><title>swat (8)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>swat</h1>
+<h1>swat (8)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
addition, a swat configuration page has help links to all the
configurable options in the <a href="smb.conf.5.html"><strong>smb.conf</strong></a> file
allowing an administrator to easily look up the effects of any change.
-<p><br><strong>swat</strong> can be run as a stand-alone daemon, from <strong>inetd</strong>,
-or invoked via CGI from a Web server.
+<p><br><strong>swat</strong> is run from <strong>inetd</strong>
<p><br><a name="OPTIONS"></a>
<h2>OPTIONS</h2>
(5)</a> for more information.
<p><br><a name="minusa"></a>
<li><strong><strong>-a</strong></strong>
-<p><br>This option is only used if <strong>swat</strong> is running as it's own mini-web
-server (see the <a href="swat.8.html#INSTALLATION"><strong>INSTALLATION</strong></a> section below).
-<p><br>This option removes the need for authentication needed to modify the
-<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file. <em>**THIS IS ONLY MEANT FOR
-DEMOING SWAT AND MUST NOT BE SET IN NORMAL SYSTEMS**</em> as it would
-allow <em>*ANYONE*</em> to modify the <a href="smb.conf.5.html"><strong>smb.conf</strong></a>
-file, thus giving them root access.
+<p><br>This option disables authentication and puts <strong>swat</strong> in demo mode. In
+that mode anyone will be able to modify the
+<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file.
+<p><br>Do NOT enable this option on a production server.
<p><br></ul>
<p><br><a name="INSTALLATION"></a>
<h2>INSTALLATION</h2>
</pre>
-<p><br><a name="RUNNINGVIAINETD"></a>
-<h2>RUNNING VIA INETD</h2>
+<p><br><a name="INETD"></a>
+<h2>INETD INSTALLATION</h2>
<p><br>You need to edit your <code>/etc/inetd.conf</code> and <code>/etc/services</code> to
-enable <strong>SWAT</strong> to be launched via inetd. Note that <strong>swat</strong> can also
-be launched via the cgi-bin mechanisms of a web server (such as
-apache) and that is described below in the section <a href="swat.8.html#RUNNINGVIACGIBIN"><strong>RUNNING VIA
-CGI-BIN</strong></a>.
+enable <strong>SWAT</strong> to be launched via inetd.
<p><br>In <code>/etc/services</code> you need to add a line like this:
<p><br><code>swat 901/tcp</code>
<p><br>Note for NIS/YP users - you may need to rebuild the NIS service maps
details of your <strong>inetd</strong> daemon).
<p><br>In <code>/etc/inetd.conf</code> you should add a line like this:
<p><br><code>swat stream tcp nowait.400 root /usr/local/samba/bin/swat swat</code>
-<p><br>If you just want to see a demo of how swat works and don't want to be
-able to actually change any Samba config via swat then you may chose
-to change <code>"root"</code> to some other user that does not have permission
-to write to <a href="smb.conf.5.html"><strong>smb.conf</strong></a>.
<p><br>One you have edited <code>/etc/services</code> and <code>/etc/inetd.conf</code> you need
to send a HUP signal to inetd. To do this use <code>"kill -1 PID"</code> where
PID is the process ID of the inetd daemon.
-<p><br><a name="RUNNINGVIACGIBIN"></a>
-<h2>RUNNING VIA CGI-BIN</h2>
-
-<p><br>To run <strong>swat</strong> via your web servers cgi-bin capability you need to
-copy the <strong>swat</strong> binary to your cgi-bin directory. Note that you
-should run <strong>swat</strong> either via <a href="swat.8.html#RUNNINGVIAINETD"><strong>inetd</strong></a> or via
-cgi-bin but not both.
-<p><br>Then you need to create a <code>swat/</code> directory in your web servers root
-directory and copy the <code>images/*</code> and <code>help/*</code> files found in the
-<code>swat/</code> directory of your Samba source distribution into there so
-that they are visible via the URL <code>http://your.web.server/swat/</code>
-<p><br>Next you need to make sure you modify your web servers authentication
-to require a username/pssword for the URL
-<code>http://your.web.server/cgi-bin/swat</code>. <em>**Don't forget this
-step!**</em> If you do forget it then you will be allowing anyone to edit
-your Samba configuration which would allow them to easily gain root
-access on your machine.
-<p><br>After testing the authentication you need to change the ownership and
-permissions on the <strong>swat</strong> binary. It should be owned by root wth the
-setuid bit set. It should be ONLY executable by the user that the web
-server runs as. Make sure you do this carefully!
-<p><br>for example, the following would be correct if the web server ran as
-group <code>"nobody"</code>.
-<p><br><code>-rws--x--- 1 root nobody </code>
-<p><br>You must also realise that this means that any user who can run
-programs as the <code>"nobody"</code> group can run <strong>swat</strong> and modify your
-Samba config. Be sure to think about this!
<p><br><a name="LAUNCHING"></a>
<h2>LAUNCHING</h2>
-<p><br>To launch <strong>swat</strong> just run your favourite web browser and point it at
-<code>http://localhost:901/</code> or <code>http://localhost/cgi-bin/swat/</code>
-depending on how you installed it.
-<p><br>Note that you can attach to <strong>swat</strong> from any IP connected machine but
+<p><br>To launch <strong>swat</strong> just run your favorite web browser and point it at
+<code>http://localhost:901/</code>.
+<p><br><strong>Note that you can attach to <strong>swat</strong> from any IP connected machine but
connecting from a remote machine leaves your connection open to
password sniffing as passwords will be sent in the clear over the
-wire.
-<p><br>If installed via <strong>inetd</strong> then you should be prompted for a
-username/password when you connect. You will need to provide the
-username <code>"root"</code> and the correct root password. More sophisticated
-authentication options are planned for future versions of <strong>swat</strong>.
-<p><br>If installed via cgi-bin then you should receive whatever
-authentication request you configured in your web server.
+wire.</strong>
<p><br><h2>FILES</h2>
<p><br><strong>/etc/inetd.conf</strong>
-<p><br>If the server is to be run by the inetd meta-daemon, this file must
-contain suitable startup information for the meta-daemon. See the
-section <a href="swat.8.html#RUNNINGVIAINETD"><strong>RUNNING VIA INETD</strong></a> above.
+<p><br>This file must contain suitable startup information for the
+meta-daemon.
<p><br><strong>/etc/services</strong>
-<p><br>If running the server via the meta-daemon inetd, this file must
-contain a mapping of service name (eg., swat) to service port
-(eg., 901) and protocol type (eg., tcp). See the section
-<a href="swat.8.html#RUNNINGVIAINETD"><strong>RUNNING VIA INETD</strong></a> above.
+<p><br>This file must contain a mapping of service name (e.g., swat) to
+service port (e.g., 901) and protocol type (e.g., tcp).
<p><br><strong>/usr/local/samba/lib/smb.conf</strong>
<p><br>This is the default location of the <em>smb.conf</em> server configuration
file that <strong>swat</strong> edits. Other common places that systems install
-<html><head><title>testparm</title>
+<html><head><title>testparm (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>testparm</h1>
+<h1>testparm (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
allow"</strong></a> and <a href="smb.conf.5.html#hostsdeny"><strong>"hosts
deny"</strong></a> parameters in the
<a href="smb.conf.5.html"><strong>smb.conf</strong></a> file to determine if the hostname
-with this IP address would be allowed acces to the
+with this IP address would be allowed access to the
<a href="smbd.8.html"><strong>smbd</strong></a> server. If this parameter is supplied, the
-hostIP parameter must also be supplied.
+<a href="testparm.1.html#hostIP">hostIP</a> parameter must also be supplied.
<p><br><a name="hostIP"></a>
<li><strong><strong>hostIP</strong></strong> This is the IP address of the host specified in the
previous parameter. This address must be supplied if the hostname
-<html><head><title>testparm</title>
+<html><head><title>testprns (1)</title>
<link rev="made" href="mailto:samba-bugs@samba.anu.edu.au">
</head>
<hr>
-<h1>testparm</h1>
+<h1>testprns (1)</h1>
<h2>Samba</h2>
<h2>23 Oct 1998</h2>
<p><br><a name="NAME"></a>
<h2>NAME</h2>
- testparm - check printer name for validity with smbd
+ testprns - check printer name for validity with smbd
<p><br><a name="SYNOPSIS"></a>
<h2>SYNOPSIS</h2>
<li><strong><strong>printername</strong></strong> The printer name to validate.
<p><br>Printer names are taken from the first field in each record in the
printcap file, single printer names and sets of aliases separated by
-vertical bars ("|") are recognised. Note that no validation or
+vertical bars ("|") are recognized. Note that no validation or
checking of the printcap syntax is done beyond that required to
extract the printer name. It may be that the print spooling system is
more forgiving or less forgiving than <strong>testprns</strong>. However, if
-.TH "lmhosts" "5" "23 Oct 1998" "Samba" "SAMBA"
+.TH "lmhosts " "5" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
lmhosts \- The Samba NetBIOS hosts file
.PP
This file is part of the \fBSamba\fP suite\&.
.PP
-lmhosts is the \fBSamba\fP NetBIOS name to IP address mapping file\&. It
+\fBlmhosts\fP is the \fBSamba\fP NetBIOS name to IP address mapping file\&. It
is very similar to the \fB/etc/hosts\fP file format, except that the
hostname component must correspond to the NetBIOS naming format\&.
.PP
.PP
An example follows :
.PP
-
-.DS
-
-
-
-#
-# Sample Samba lmhosts file\&.
-#
-192\&.9\&.200\&.1 TESTPC
-192\&.9\&.200\&.20 NTSERVER#20
-192\&.9\&.200\&.21 SAMBASERVER
-
-.DE
-
-
+#
+.br
+# Sample Samba lmhosts file\&.
+.br
+#
+.br
+192\&.9\&.200\&.1 TESTPC
+.br
+192\&.9\&.200\&.20 NTSERVER#20
+.br
+192\&.9\&.200\&.21 SAMBASERVER
+.br
.PP
Contains three IP to NetBIOS name mappings\&. The first and third will
be returned for any queries for the names \f(CW"TESTPC"\fP and
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba\&.anu\&.edu\&.au)\&. Samba is now developed
+Andrew Tridgell \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed\&.
.PP
-.TH "make_smbcodepage" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "make_smbcodepage " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
make_codepage \- Construct a codepage file for Samba
.PP
.IP
.IP "c|d"
-This tells make_smbcodepage if it is compiling (c) a text
-format code page file to binary, or (d) de-compiling a binary codepage
+This tells \fBmake_smbcodepage\fP if it is compiling (\fBc\fP) a text
+format code page file to binary, or (\fBd\fP) de-compiling a binary codepage
file to text\&.
.IP
.IP "codepage"
-This is the codepage we are processing (a number, eg\&. 850)\&.
+This is the codepage we are processing (a number, e\&.g\&. 850)\&.
.IP
.IP "inputfile"
-This is the input file to process\&. In the \'c\' case this
+This is the input file to process\&. In the \'\fBc\fP\' case this
will be a text codepage definition file such as the ones found in the
-Samba \fIsource/codepages\fP directory\&. In the \'d\' case this will be the
+Samba \fIsource/codepages\fP directory\&. In the \'\fBd\fP\' case this will be the
binary format codepage definition file normally found in the
\fIlib/codepages\fP directory in the Samba install directory path\&.
.IP
Samba how to map from upper to lower case for characters greater than
ascii 127 in the specified DOS code page\&. Note that for certain DOS
codepages (437 for example) mapping from lower to upper case may be
-asynchronous\&. For example, in code page 437 lower case a acute maps to
-a plain upper case A when going from lower to upper case, but maps
-from plain upper case A to plain lower case a when lower casing a
+non-symmetrical\&. For example, in code page 437 lower case a acute maps to
+a plain upper case A when going from lower to upper case, but
+plain upper case A maps to plain lower case a when lower casing a
character\&.
.PP
A binary Samba codepage definition file is a binary representation of
server\&. That is, they wish to know what IP number a specified host is
using\&.
.PP
-Amongst other services, this program will listen for such requests,
+Amongst other services, \fBnmbd\fP will listen for such requests,
and if its own NetBIOS name is specified it will respond with the IP
number of the host it is running on\&. Its "own NetBIOS name" is by
default the primary DNS name of the host it is running on, but this
-can be overriden with the \fB-n\fP option (see \fIOPTIONS\fP below)\&. Thus
-nmbd will reply to broadcast queries for its own name(s)\&. Additional
-names for nmbd to respond on can be set via parameters in the
-\fBsmb\&.conf (5)\fP configuration file\&.
+can be overridden with the \fB-n\fP option (see OPTIONS below)\&. Thus
+\fBnmbd\fP will reply to broadcast queries for its own name(s)\&. Additional
+names for \fBnmbd\fP to respond on can be set via parameters in the
+\fBsmb\&.conf(5)\fP configuration file\&.
.PP
-nmbd can also be used as a WINS (Windows Internet Name Server)
+\fBnmbd\fP can also be used as a WINS (Windows Internet Name Server)
server\&. What this basically means is that it will act as a WINS
database server, creating a database from name registration requests
that it receives and replying to queries from clients for these names\&.
.PP
-In addition, nmbd can act as a WINS proxy, relaying broadcast queries
+In addition, \fBnmbd\fP can act as a WINS proxy, relaying broadcast queries
from clients that do not understand how to talk the WINS protocol to a
WIN server\&.
.PP
.PP
.IP
.IP "\fB-D\fP"
-If specified, this parameter causes the server to operate
+If specified, this parameter causes \fBnmbd\fP to operate
as a daemon\&. That is, it detaches itself and runs in the background,
-fielding requests on the appropriate port\&. By default, the server will
+fielding requests on the appropriate port\&. By default, \fBnmbd\fP will
NOT operate as a daemon\&. nmbd can also be operated from the inetd
meta-daemon, although this is not recommended\&.
.IP
.IP
The lmhosts file is a list of NetBIOS names to IP addresses that is
loaded by the nmbd server and used via the name resolution mechanism
-\fIname resolve order\fP described in \fBsmbd\&.conf (5)\fP to resolve any
+\fBname resolve order\fP described in
+\fBsmb\&.conf (5)\fP to resolve any
NetBIOS name queries needed by the server\&. Note that the contents of
-this file are \fINOT\fP used by nmbd to answer any name queries, adding
+this file are \fINOT\fP used by \fBnmbd\fP to answer any name queries\&. Adding
a line to this file affects name NetBIOS resolution from this host
\fIONLY\fP\&.
.IP
The default path to this file is compiled into Samba as part of the
build process\&. Common defaults are \fI/usr/local/samba/lib/lmhosts\fP,
-\fI/usr/samba/lib/lmhosts\fP or \fI/etc/lmhosts\fP\&. See the \fBlmhosts
-(5)\fP man page for details on the contents of this file\&.
+\fI/usr/samba/lib/lmhosts\fP or \fI/etc/lmhosts\fP\&. See the
+\fBlmhosts (5)\fP man page for details on the contents of this file\&.
.IP
.IP "\fB-d debuglevel\fP"
debuglevel is an integer from 0 to 10\&.
specified was "log" then the file log\&.nmb would contain the debugging
data\&.
.IP
-The default log file path is is compiled into Samba as part of the
+The default log file path is compiled into Samba as part of the
build process\&. Common defaults are \fI/usr/local/samba/var/log\&.nmb\fP,
\fI/usr/samba/var/log\&.nmb\fP or \fI/var/log/log\&.nmb\fP\&.
.IP
UDP port number is a positive integer value\&.
.IP
This option changes the default UDP port number (normally 137) that
-nmbd responds to name queries on\&. Don\'t use this option unless you are
+\fBnmbd\fP responds to name queries on\&. Don\'t use this option unless you are
an expert, in which case you won\'t need help!
.IP
.IP "\fB-s configuration file\fP"
server\&. See \fBsmb\&.conf (5)\fP for more information\&.
.IP
.IP "\fB-i scope\fP"
-This specifies a NetBIOS scope that the server will use
+This specifies a NetBIOS scope that \fBnmbd\fP will use
to communicate with when generating NetBIOS names\&. For details on the
use of NetBIOS scopes, see rfc1001\&.txt and rfc1002\&.txt\&. NetBIOS scopes
are \fIvery\fP rarely used, only set this parameter if you are the
communicate with\&.
.IP
.IP "\fB-h\fP"
-Prints the help information (usage) for nmbd\&.
+Prints the help information (usage) for \fBnmbd\fP\&.
.IP
.PP
.SH "FILES"
.PP
\fB/etc/rc\fP
.PP
-(or whatever initialisation script your system uses)\&.
+(or whatever initialization script your system uses)\&.
.PP
If running the server as a daemon at startup, this file will need to
contain an appropriate startup sequence for the server\&.
.PP
\fB/usr/local/samba/lib/smb\&.conf\fP
.PP
-This is the default location of the \fIsmb\&.conf\fP server configuration
+This is the default location of the
+\fBsmb\&.conf\fP server configuration
file\&. Other common places that systems install this file are
\fI/usr/samba/lib/smb\&.conf\fP and \fI/etc/smb\&.conf\fP\&.
.PP
.PP
.SH "SIGNALS"
.PP
-To shut down an nmbd process it is recommended that SIGKILL (-9)
+To shut down an \fBnmbd\fP process it is recommended that SIGKILL (-9)
\fINOT\fP be used, except as a last resort, as this may leave the name
-database in an inconsistant state\&. The correct way to terminate
-nmbd is to send it a SIGTERM (-15) signal and wait for it to die on
+database in an inconsistent state\&. The correct way to terminate
+\fBnmbd\fP is to send it a SIGTERM (-15) signal and wait for it to die on
its own\&.
.PP
-nmbd will accept SIGHUP, which will cause it to dump out it\'s
-namelists into the file namelist\&.debug in the
+\fBnmbd\fP will accept SIGHUP, which will cause it to dump out it\'s
+namelists into the file \f(CWnamelist\&.debug\fP in the
\fI/usr/local/samba/var/locks\fP directory (or the \fIvar/locks\fP
directory configured under wherever Samba was configured to install
-itself)\&. This will also cause nmbd to dump out it\'s server database in
-the log\&.nmb file\&. In addition, the the debug log level of nmbd may be raised
+itself)\&. This will also cause \fBnmbd\fP to dump out it\'s server database in
+the log\&.nmb file\&. In addition, the debug log level of nmbd may be raised
by sending it a SIGUSR1 (\f(CWkill -USR1 <nmbd-pid>\fP) and lowered by sending it a
SIGUSR2 (\f(CWkill -USR2 <nmbd-pid>\fP)\&. This is to allow transient
problems to be diagnosed, whilst still running at a normally low log
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba\&.anu\&.edu\&.au)\&. Samba is now developed
+Andrew Tridgell \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed\&.
.PP
-.TH "nmblookup" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "nmblookup " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
nmblookup \- NetBIOS over TCP/IP client used to lookup NetBIOS names
.PP
\fBnmblookup\fP is used to query NetBIOS names and map them to IP
addresses in a network using NetBIOS over TCP/IP queries\&. The options
-allow the name queries to be directed at a particlar IP broadcast area
+allow the name queries to be directed at a particular IP broadcast area
or to a particular machine\&. All queries are done over UDP\&.
.PP
.SH "OPTIONS"
.IP
.IP "\fB-S\fP"
Once the name query has returned an IP address then do a
-node status query as well\&.
+node status query as well\&. A node status query returns the NetBIOS names
+registered by a host\&.
.IP
.IP "\fB-r\fP"
Try and bind to UDP port 137 to send and receive UDP
datagrams\&. The reason for this option is a bug in Windows 95 where it
ignores the source port of the requesting packet and only replies to
-UDP port 137\&. Unfortunately, on most UNIX systems root privillage is
+UDP port 137\&. Unfortunately, on most UNIX systems root privilage is
needed to bind to this port, and in addition, if the
\fBnmbd\fP daemon is running on this machine it also
binds to this port\&.
.IP
.IP "\fB-s smb\&.conf\fP"
This parameter specifies the pathname to the
-Samba configuration file, smb\&.conf\&. This file controls all aspects of
-the Samba setup on the machine and smbclient also needs to read this
-file\&.
+Samba configuration file, \fBsmb\&.conf\fP\&.
+This file controls all aspects of
+the Samba setup on the machine\&.
.IP
.IP "\fB-i scope\fP"
-This specifies a NetBIOS scope that smbclient will use
+This specifies a NetBIOS scope that \fBnmblookup\fP will use
to communicate with when generating NetBIOS names\&. For details on the
use of NetBIOS scopes, see rfc1001\&.txt and rfc1002\&.txt\&. NetBIOS scopes
are \fIvery\fP rarely used, only set this parameter if you are the
This is the NetBIOS name being queried\&. Depending upon
the previous options this may be a NetBIOS name or IP address\&. If a
NetBIOS name then the different name types may be specified by
-appending \f(CW#<type>\fP to the name\&.
+appending \f(CW#<type>\fP to the name\&. This name may also be \f(CW"*"\fP,
+which will return all registered names within a broadcast area\&.
.IP
.PP
.SH "EXAMPLES"
.PP
-\fBnmblookup\fP can be used to query a WINS server (in the same way \&.B
-nslookup is used to query DNS servers)\&. To query a WINS server,
-nmblookup must be called like this:
+\fBnmblookup\fP can be used to query a WINS server (in the same way
+\fBnslookup\fP is used to query DNS servers)\&. To query a WINS server,
+\fBnmblookup\fP must be called like this:
.PP
\f(CWnmblookup -U server -R \'name\'\fP
.PP
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba\&.anu\&.edu\&.au)\&. Samba is now developed
+Andrew Tridgell \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed\&.
.PP
-.TH "Samba" "7" "23 Oct 1998" "Samba" ""
+.TH "Samba " "7" "23 Oct 1998" "Samba" ""
.PP
.SH "NAME"
Samba \- A Windows SMB/CIFS fileserver for UNIX
.SH "DESCRIPTION"
.PP
The Samba software suite is a collection of programs that implements
-the Server Message Block(commenly abbreviated as SMB) protocol for
+the Server Message Block(commonly abbreviated as SMB) protocol for
UNIX systems\&. This protocol is sometimes also referred to as the
Common Internet File System (CIFS), LanManager or NetBIOS protocol\&.
.PP
described in a separate manual page\&. It is strongly recommended that
you read the documentation that comes with Samba and the manual pages
of those components that you use\&. If the manual pages aren\'t clear
-enough then please send a patch to \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&.
+enough then please send a patch or bug report
+to \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&.
.PP
.IP
.IP "\fBsmbd\fP"
.br
.br
The \fBsmbstatus\fP
-(1) utility allows you to tell who is currently
-using the \fBsmbd (8)\fP server\&.
+(1) utility allows you list current connections to the
+\fBsmbd (8)\fP server\&.
.IP
.IP "\fBnmblookup\fP"
.br
The Samba software suite is licensed under the GNU Public License
(GPL)\&. A copy of that license should have come with the package in the
file COPYING\&. You are encouraged to distribute copies of the Samba
-suite, but please keep obey the terms of this license\&.
+suite, but please obey the terms of this license\&.
.PP
The latest version of the Samba suite can be obtained via anonymous
ftp from samba\&.anu\&.edu\&.au in the directory pub/samba/\&. It is
If you have patches to submit or bugs to report then you may mail them
directly to \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Note, however, that due to
the enormous popularity of this package the Samba Team may take some
-time to repond to mail\&. We prefer patches in \fIdiff -u\fP format\&.
+time to respond to mail\&. We prefer patches in \fIdiff -u\fP format\&.
.PP
.SH "CREDITS"
.PP
code control system used by the Samba Team to develop Samba\&. The
project would have been unmanageable without it\&.
.PP
-In addition, several commercial organisations now help fund the Samba
+In addition, several commercial organizations now help fund the Samba
Team with money and equipment\&. For details see the Samba Web pages at
http://samba\&.anu\&.edu\&.au/samba/samba-thanks\&.html\&.
.PP
-.TH "smb\&.conf" "5" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smb\&.conf " "5" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smb\&.conf \- The configuration file for the Samba suite
passwords and not usernames, you may specify a list of usernames to
check against the password using the \fB"user="\fP option in
the share definition\&. For modern clients such as Windows 95/98 and
-Windows NT, this should not be neccessary\&.
+Windows NT, this should not be necessary\&.
.PP
Note that the access rights granted by the server are masked by the
access rights granted to the specified or guest UNIX user by the host
[foo]
path = /home/bar
- writable = true
+ writeable = true
.DE
[homes]
- writable = yes
+ writeable = yes
.DE
Note that the [printers] service MUST be printable - if you specify
otherwise, the server will refuse to load the configuration file\&.
.IP
-Typically the path specified would be that of a world-writable spool
+Typically the path specified would be that of a world-writeable spool
directory with the sticky bit set on it\&. A typical [printers] entry
would look like this:
.IP
[printers]
path = /usr/spool/public
- writable = no
+ writeable = no
guest ok = yes
printable = yes
.IP
Each alias should be an acceptable printer name for your printing
subsystem\&. In the \fB[global]\fP section, specify the new
-file as your printcap\&. The server will then only recognise names
+file as your printcap\&. The server will then only recognize names
found in your pseudo-printcap, which of course can contain whatever
aliases you like\&. The same technique could be used simply to limit
access to a subset of your local printers\&.
defined on the system you may be able to use \fB"printcap name =
lpstat"\fP to automatically obtain a list of
printers\&. See the \fB"printcap name"\fP option for
-more detils\&.
+more details\&.
.IP
.PP
.SH "PARAMETERS"
Parameters define the specific attributes of sections\&.
.PP
Some parameters are specific to the \fB[global]\fP section
-(eg\&., \fBsecurity\fP)\&. Some parameters are usable in
-all sections (eg\&., \fBcreate mode\fP)\&. All others are
+(e\&.g\&., \fBsecurity\fP)\&. Some parameters are usable in
+all sections (e\&.g\&., \fBcreate mode\fP)\&. All others are
permissible only in normal sections\&. For the purposes of the following
descriptions the \fB[homes]\fP and
\fB[printers]\fP sections will be considered normal\&.
indicates that a parameter can be specified in a service specific
section\&. Note that all \f(CW\'S\'\fP parameters can also be specified in the
\fB[global]\fP section - in which case they will define
-the default behaviour for all services\&.
+the default behavior for all services\&.
.PP
Parameters are arranged here in alphabetical order - this may not
create best bedfellows, but at least you can find them! Where there
.IP
.IP o
\fB%a\fP = the architecture of the remote
-machine\&. Only some are recognised, and those may not be 100%
-reliable\&. It currently recognises Samba, WfWg, WinNT and
+machine\&. Only some are recognized, and those may not be 100%
+reliable\&. It currently recognizes Samba, WfWg, WinNT and
Win95\&. Anything else will be known as "UNKNOWN"\&. If it gets it wrong
then sending a level 3 log to \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP
should allow it to be fixed\&.
This specifies what type of server \fBnmbd\fP will
announce itself as, to a network neighborhood browse list\&. By default
this is set to Windows NT\&. The valid options are : "NT", "Win95" or
-"WfW" meaining Windows NT, Windows 95 and Windows for Workgroups
+"WfW" meaning Windows NT, Windows 95 and Windows for Workgroups
respectively\&. Do not change this parameter unless you have a specific
need to stop Samba appearing as an NT server as this may prevent Samba
servers from participating as browser servers correctly\&.
parameter\&. This restricts the networks that \fBsmbd\fP
will serve to packets coming in those interfaces\&. Note that you
should not use this parameter for machines that are serving PPP or
-other intermittant or non-broadcast network interfaces as it will not
+other intermittent or non-broadcast network interfaces as it will not
cope with non-permanent interfaces\&.
.IP
In addition, to change a users SMB password, the
\fBExample:\fP
\f(CW blocking locks = False\fP
.IP
-.IP "\fBbroweable (S)\fP"
+.IP "\fBbrowseable (S)\fP"
.IP
-This controls whether this share is seen in the list of available
-shares in a net view and in the browse list\&.
-.IP
-\fBDefault:\fP
-\f(CW browsable = Yes\fP
-.IP
-\fBExample:\fP
-\f(CW browsable = No\fP
+Synonym for \fBbrowseable\fP\&.
.IP
.IP "\fBbrowse list(G)\fP"
.IP
.IP
.IP "\fBbrowseable\fP"
.IP
-Synonym for \fBbrowsable\fP\&.
+This controls whether this share is seen in the list of available
+shares in a net view and in the browse list\&.
+.IP
+\fBDefault:\fP
+\f(CW browseable = Yes\fP
+.IP
+\fBExample:\fP
+\f(CW browseable = No\fP
.IP
.IP "\fBcase sensitive (G)\fP"
.IP
to map lower to upper case characters to provide the case insensitivity
of filenames that Windows clients expect\&.
.IP
-Samba currenly ships with the following code page files :
+Samba currently ships with the following code page files :
.IP
.IP
.IP o
.IP
.IP o
\fBHEX\fP Convert an incoming Shift-JIS character to a 3 byte hex
-representation, ie\&. \f(CW:AB\fP\&.
+representation, i\&.e\&. \f(CW:AB\fP\&.
.IP
.IP o
\fBCAP\fP Convert an incoming Shift-JIS character to the 3 byte hex
-representation used by the Columbia Appletalk Program (CAP),
-ie\&. \f(CW:AB\fP\&. This is used for compatibility between Samba and CAP\&.
+representation used by the Columbia AppleTalk Program (CAP),
+i\&.e\&. \f(CW:AB\fP\&. This is used for compatibility between Samba and CAP\&.
.IP
.IP
.IP "\fBcomment (S)\fP"
.IP
A synonym for this parameter is \fB\'create mode\'\fP\&.
.IP
-When a file is created, the neccessary permissions are calculated
+When a file is created, the necessary permissions are calculated
according to the mapping from DOS modes to UNIX permissions, and the
resulting UNIX mode is then bit-wise \'AND\'ed with this parameter\&.
This parameter may be thought of as a bit-wise MASK for the UNIX modes
delete any files and directories within the vetoed directory\&. This can
be useful for integration with file serving systems such as \fBNetAtalk\fP,
which create meta-files within directories you might normally veto
-DOS/Windows users from seeing (eg\&. \f(CW\&.AppleDouble\fP)
+DOS/Windows users from seeing (e\&.g\&. \f(CW\&.AppleDouble\fP)
.IP
Setting \f(CW\'delete veto files = True\'\fP allows these directories to be
transparently deleted when the parent directory is deleted (so long
is 1024 bytes\&.
.IP
Note: Your script should \fINOT\fP be setuid or setgid and should be
-owned by (and writable only by) root!
+owned by (and writeable only by) root!
.IP
\fBDefault:\fP
\f(CW By default internal routines for determining the disk capacity
This parameter is the octal modes which are used when converting DOS
modes to UNIX modes when creating UNIX directories\&.
.IP
-When a directory is created, the neccessary permissions are calculated
+When a directory is created, the necessary permissions are calculated
according to the mapping from DOS modes to UNIX permissions, and the
resulting UNIX mode is then bit-wise \'AND\'ed with this parameter\&.
This parameter may be thought of as a bit-wise MASK for the UNIX modes
.IP
Following this Samba will bit-wise \'OR\' the UNIX mode created from
this parameter with the value of the "force directory mode"
-parameter\&. This parameter is set to 000 by default (ie\&. no extra mode
+parameter\&. This parameter is set to 000 by default (i\&.e\&. no extra mode
bits are added)\&.
.IP
See the \fB"force directory mode"\fP parameter
This is an \fBEXPERIMENTAL\fP parameter that is part of the unfinished
Samba NT Domain Controller Code\&. It may be removed in a later release\&.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list \fBSamba-ntdom\fP available by sending email to
\fIlistproc@samba\&.anu\&.edu\&.au\fP
.IP
This is an \fBEXPERIMENTAL\fP parameter that is part of the unfinished
Samba NT Domain Controller Code\&. It may be removed in a later release\&.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list \fBSamba-ntdom\fP available by sending email to
\fIlistproc@samba\&.anu\&.edu\&.au\fP
.IP
This is an \fBEXPERIMENTAL\fP parameter that is part of the unfinished
Samba NT Domain Controller Code\&. It may be removed in a later release\&.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list \fBSamba-ntdom\fP available by sending email to
\fIlistproc@samba\&.anu\&.edu\&.au\fP
.IP
This is an \fBEXPERIMENTAL\fP parameter that is part of the unfinished
Samba NT Domain Controller Code\&. It may be removed in a later release\&.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list \fBSamba-ntdom\fP available by sending email to
\fIlistproc@samba\&.anu\&.edu\&.au\fP
.IP
This is an \fBEXPERIMENTAL\fP parameter that is part of the unfinished
Samba NT Domain Controller Code\&. It may be removed in a later release\&.
To work with the latest code builds that may have more support for
-Samba NT Domain Controller functionality please subscibe to the
+Samba NT Domain Controller functionality please subscribe to the
mailing list \fBSamba-ntdom\fP available by sending email to
\fIlistproc@samba\&.anu\&.edu\&.au\fP
.IP
.IP
Note that Win95/98 Domain logons are \fINOT\fP the same as Windows
NT Domain logons\&. NT Domain logons require a Primary Domain Controller
-(PDC) for the Domain\&. It is inteded that in a future release Samba
+(PDC) for the Domain\&. It is intended that in a future release Samba
will be able to provide this functionality for Windows NT clients
also\&.
.IP
.IP "\fBdomain master (G)\fP"
.IP
Tell \fBnmbd\fP to enable WAN-wide browse list
-collation\&.Setting this option causes \fBnmbd\fP to
+collation\&. Setting this option causes \fBnmbd\fP to
claim a special domain specific NetBIOS name that identifies it as a
domain master browser for its given
\fBworkgroup\fP\&. Local master browsers in the same
Note that Windows NT Primary Domain Controllers expect to be able to
claim this \fBworkgroup\fP specific special NetBIOS
name that identifies them as domain master browsers for that
-\fBworkgroup\fP by default (ie\&. there is no way to
+\fBworkgroup\fP by default (i\&.e\&. there is no way to
prevent a Windows NT PDC from attempting to do this)\&. This means that
if this parameter is set and \fBnmbd\fP claims the
special name for a \fBworkgroup\fP before a Windows NT
.IP
.IP "\fBdont descend (S)\fP"
.IP
-There are certain directories on some systems (eg\&., the \f(CW/proc\fP tree
+There are certain directories on some systems (e\&.g\&., the \f(CW/proc\fP tree
under Linux) that are either not of interest to clients or are
infinitely deep (recursive)\&. This parameter allows you to specify a
comma-delimited list of directories that the server should always show
.IP
.IP "\fBdos filetime resolution (S)\fP"
.IP
-Under the DOS and Windows FAT filesystem, the finest granulatity on
+Under the DOS and Windows FAT filesystem, the finest granularity on
time resolution is two seconds\&. Setting this parameter for a share
causes Samba to round the reported time down to the nearest two second
boundary when a query call that requires one second resolution is made
or root may change the timestamp\&. By default, Samba runs with POSIX
semantics and refuses to change the timestamp on a file if the user
smbd is acting on behalf of is not the file owner\&. Setting this option
-to True allows DOS semantics and smbd will change the file timstamp as
+to True allows DOS semantics and smbd will change the file timestamp as
DOS requires\&.
.IP
\fBDefault:\fP
particular share\&. Setting this parameter to \fI"No"\fP prevents any file
or directory that is a symbolic link from being followed (the user
will get an error)\&. This option is very useful to stop users from
-adding a symbolic link to \f(CW/etc/pasword\fP in their home directory for
+adding a symbolic link to \f(CW/etc/passwd\fP in their home directory for
instance\&. However it will slow filename lookups down slightly\&.
.IP
-This option is enabled (ie\&. \fBsmbd\fP will follow
+This option is enabled (i\&.e\&. \fBsmbd\fP will follow
symbolic links) by default\&.
.IP
.IP "\fBforce create mode (S)\fP"
This parameter specifies a set of UNIX mode bit permissions that will
\fI*always*\fP be set on a file created by Samba\&. This is done by
bitwise \'OR\'ing these bits onto the mode bits of a file that is being
-created\&. The default for this parameter is (in octel) 000\&. The modes
+created\&. The default for this parameter is (in octal) 000\&. The modes
in this parameter are bitwise \'OR\'ed onto the file mode after the mask
set in the \fB"create mask"\fP parameter is applied\&.
.IP
This parameter specifies a set of UNIX mode bit permissions that will
\fI*always*\fP be set on a directory created by Samba\&. This is done by
bitwise \'OR\'ing these bits onto the mode bits of a directory that is
-being created\&. The default for this parameter is (in octel) 0000 which
+being created\&. The default for this parameter is (in octal) 0000 which
will not add any extra permission bits to a created directory\&. This
operation is done after the mode mask in the parameter
\fB"directory mask"\fP is applied\&.
.IP
.IP "\fBgetwd cache (G)\fP"
.IP
-This is a tuning option\&. When this is enabled a cacheing algorithm
+This is a tuning option\&. When this is enabled a caching algorithm
will be used to reduce the time taken for getwd() calls\&. This can have
a significant impact on performance, especially when the
\fBwidelinks\fP parameter is set to False\&.
spaces to be included in the entry\&. \f(CW\'*\'\fP and \f(CW\'?\'\fP can be used
to specify multiple files or directories as in DOS wildcards\&.
.IP
-Each entry must be a unix path, not a DOS path and must not include the
-unix directory separator \f(CW\'/\'\fP\&.
+Each entry must be a Unix path, not a DOS path and must not include the
+Unix directory separator \f(CW\'/\'\fP\&.
.IP
Note that the case sensitivity option is applicable in hiding files\&.
.IP
Kernel oplocks support allows Samba \fBoplocks\fP to be
broken whenever a local UNIX process or NFS operation accesses a file
that \fBsmbd\fP has oplocked\&. This allows complete
-data consistancy between SMB/CIFS, NFS and local file access (and is a
+data consistency between SMB/CIFS, NFS and local file access (and is a
\fIvery\fP cool feature :-)\&.
.IP
This parameter defaults to \fI"On"\fP on systems that have the support,
\fBDefault:\fP
\f(CW load printers = yes\fP
.IP
-bg(Example:)
+\fBExample:\fP
\f(CW load printers = no\fP
.IP
.IP "\fBlocal master (G)\fP"
time, in order that the Windows 95/98 client can create the user\&.dat
and other directories\&.
.IP
-Thereafter, the directories and any of contents can, if required, be
-made read-only\&. It is not adviseable that the USER\&.DAT file be made
+Thereafter, the directories and any of the contents can, if required, be
+made read-only\&. It is not advisable that the USER\&.DAT file be made
read-only - rename it to USER\&.MAN to achieve the desired effect (a
\fIMAN\fPdatory profile)\&.
.IP
Windows clients can sometimes maintain a connection to the [homes]
share, even though there is no user logged in\&. Therefore, it is vital
that the logon path does not include a reference to the homes share
-(i\&.e setting this parameter to \f(CW\e\e%N\eHOMES\eprofile_path\fP will cause
+(i\&.e\&. setting this parameter to \f(CW\e\e%N\eHOMES\eprofile_path\fP will cause
problems)\&.
.IP
This option takes the standard substitutions, allowing you to have
.IP
The contents of the batch file is entirely your choice\&. A suggested
command would be to add \f(CWNET TIME \e\eSERVER /SET /YES\fP, to force every
-machine to synchronise clocks with the same time server\&. Another use
+machine to synchronize clocks with the same time server\&. Another use
would be to add \f(CWNET USE U: \e\eSERVER\eUTILS\fP for commonly used
utilities, or \f(CWNET USE Q: \e\eSERVER\eISO9001_QA\fP for example\&.
.IP
less than 10 seconds old\&. A large value may be advisable if your
\fBlpq\fP command is very slow\&.
.IP
-A value of 0 will disable cacheing completely\&.
+A value of 0 will disable caching completely\&.
.IP
See also the \fB"printing"\fP parameter\&.
.IP
.IP
.IP "\fBmangled map (S)\fP"
.IP
-This is for those who want to directly map UNIX file names which are
-not representable on Windows/DOS\&. The mangling of names is not always
+This is for those who want to directly map UNIX file names which can
+not be represented on Windows/DOS\&. The mangling of names is not always
what is needed\&. In particular you may have documents with file
extensions that differ between DOS and UNIX\&. For example, under UNIX
it is common to use \f(CW"\&.html"\fP for HTML files, whereas under
\f(CW mangled map = (*\&.html *\&.htm)\fP
.IP
One very useful case is to remove the annoying \f(CW";1"\fP off the ends
-of filenames on some CDROMS (only visible under some UNIXes)\&. To do
+of filenames on some CDROMS (only visible under some UNIXs)\&. To do
this use a map of (*;1 *)\&.
.IP
\fBdefault:\fP
.IP
Note that this requires the \fB"create mask"\fP
parameter to be set such that owner execute bit is not masked out
-(ie\&. it must include 100)\&. See the parameter \fB"create
+(i\&.e\&. it must include 100)\&. See the parameter \fB"create
mask"\fP for details\&.
.IP
\fBDefault:\fP
UNIX world execute bit\&.
.IP
Note that this requires the \fB"create mask"\fP to be
-set such that the world execute bit is not masked out (ie\&. it must
+set such that the world execute bit is not masked out (i\&.e\&. it must
include 001)\&. See the parameter \fB"create mask"\fP
for details\&.
.IP
UNIX group execute bit\&.
.IP
Note that this requires the \fB"create mask"\fP to be
-set such that the group execute bit is not masked out (ie\&. it must
+set such that the group execute bit is not masked out (i\&.e\&. it must
include 010)\&. See the parameter \fB"create mask"\fP
for details\&.
.IP
.IP "\fBmap to guest (G)\fP"
.IP
This parameter is only useful in \fBsecurity\fP modes
-other than \fB"security=share"\fP - ie\&. user,
+other than \fB"security=share"\fP - i\&.e\&. user,
server, and domain\&.
.IP
This parameter can take three different values, which tell
\fB"Bad Password"\fP - Means user logins with an invalid
password are treated as a guest login and mapped into the
\fB"guest account"\fP\&. Note that this can
-cause problems as it means that any user mistyping their
+cause problems as it means that any user incorrectly typing their
password will be silently logged on a \fB"guest"\fP - and
will not know the reason they cannot access files they think
they should - there will have been no message given to them
This parameter limits the maximum number of open files that one
\fBsmbd\fP file serving process may have open for
a client at any one time\&. The default for this parameter is set
-very high (10,000) as Samba uses only one bit per un-opened file\&.
+very high (10,000) as Samba uses only one bit per unopened file\&.
.IP
The limit of the number of open files is usually set by the
UNIX per-process file descriptor limit rather than this parameter
.IP
.IP "\fBnt pipe support (G)\fP"
.IP
-This boolean parameter controlls whether \fBsmbd\fP
+This boolean parameter controls whether \fBsmbd\fP
will allow Windows NT clients to connect to the NT SMB specific
\f(CWIPC$\fP pipes\&. This is a developer debugging option and can be left
alone\&.
.IP
.IP "\fBnt smb support (G)\fP"
.IP
-This boolean parameter controlls whether \fBsmbd\fP
+This boolean parameter controls whether \fBsmbd\fP
will negotiate NT specific SMB support with Windows NT
clients\&. Although this is a developer debugging option and should be
left alone, benchmarking has discovered that Windows NT clients give
.IP
This boolean option tells smbd whether to issue oplocks (opportunistic
locks) to file open requests on this share\&. The oplock code can
-dramatically (approx 30% or more) improve the speed of access to files
-on Samba servers\&. It allows the clients to agressively cache files
+dramatically (approx\&. 30% or more) improve the speed of access to files
+on Samba servers\&. It allows the clients to aggressively cache files
locally and you may want to disable this option for unreliable network
environments (it is turned on by default in Windows NT Servers)\&. For
more information see the file Speed\&.txt in the Samba docs/ directory\&.
.IP
Oplocks may be selectively turned off on certain files on a per share basis\&.
-See the \'veto oplock files\' parameter\&. On some systems oplocks are recognised
-by the underlying operating system\&. This allows data synchronisation between
+See the \'veto oplock files\' parameter\&. On some systems oplocks are recognized
+by the underlying operating system\&. This allows data synchronization between
all access to oplocked files, whether it be via Samba or NFS or a local
UNIX process\&. See the \fBkernel oplocks\fP parameter
for details\&.
This is a Samba developer option that allows a system command to be
called when either \fBsmbd\fP or
\fBnmbd\fP crashes\&. This is usually used to draw
-attention to the fact that a problem occured\&.
+attention to the fact that a problem occurred\&.
.IP
\fBDefault:\fP
\f(CW panic action = <empty string>\fP
.IP
The name of a program that can be used to set UNIX user passwords\&.
Any occurrences of \fB%u\fP will be replaced with the
-user name\&. The user name is checked for existance before calling the
+user name\&. The user name is checked for existence before calling the
password changing program\&.
.IP
Also note that many passwd programs insist in \fI"reasonable"\fP
\fINote\fP that if the \fB"unix password sync"\fP
parameter is set to \f(CW"True"\fP then this program is called \fI*AS
ROOT*\fP before the SMB password in the
-\fBsmbpassswd\fP file is changed\&. If this UNIX
+\fBsmbpasswd\fP file is changed\&. If this UNIX
password change fails, then \fBsmbd\fP will fail to
change the SMB password also (this is by design)\&.
.IP
If the \fB"security"\fP parameter is set to
\fB"domain"\fP, then the list of machines in this option must be a list
of Primary or Backup Domain controllers for the
-\fBDomain\fP, as the Samba server is cryptographically
-in that domain, and will use crpytographically authenticated RPC calls
+\fBDomain\fP, as the Samba server is cryptographicly
+in that domain, and will use cryptographicly authenticated RPC calls
to authenticate the user logging on\&. The advantage of using
\fB"security=domain"\fP is that if you list
several hosts in the \fB"password server"\fP option then
printing\&.
.IP
For a printable service offering guest access, the service should be
-readonly and the path should be world-writable and have the sticky bit
+readonly and the path should be world-writeable and have the sticky bit
set\&. This is not mandatory of course, but you probably won\'t get the
results you expect if you do otherwise\&.
.IP
nor a global print command, spool files will be created but not
processed and (most importantly) not removed\&.
.IP
-Note that printing may fail on some UNIXes from the \f(CW"nobody"\fP
+Note that printing may fail on some UNIXs from the \f(CW"nobody"\fP
account\&. If this happens then create an alternative guest account that
can print and set the \fB"guest account"\fP in the
\fB"[global]"\fP section\&.
.IP
-You can form quite complex print commands by realising that they are
+You can form quite complex print commands by realizing that they are
just passed to a shell\&. For example the following will log a print
job, print the file, then remove it\&. Note that \f(CW\';\'\fP is the usual
separator for command in shell scripts\&.
.IP
This parameter specifies the command to be executed on the server host
in order to resume the printerqueue\&. It is the command to undo the
-behaviour that is caused by the previous parameter
+behavior that is caused by the previous parameter
(\fB"queuepause command\fP)\&.
.IP
This command should be a program or script which takes a printer name
.IP "\fBread only (S)\fP"
.IP
Note that this is an inverted synonym for
-\fB"writable"\fP and \fB"write ok"\fP\&.
+\fB"writeable"\fP and \fB"write ok"\fP\&.
.IP
-See also \fB"writable"\fP and \fB"write
+See also \fB"writeable"\fP and \fB"write
ok"\fP\&.
.IP
.IP "\fBread prediction (G)\fP"
.IP "\fBremote browse sync (G)\fP"
.IP
This option allows you to setup \fBnmbd\fP to
-periodically request synchronisation of browse lists with the master
+periodically request synchronization of browse lists with the master
browser of a samba server that is on a remote segment\&. This option
will allow you to gain browse lists for multiple workgroups across
routed networks\&. This is done in a manner that does not work with any
\f(CW remote browse sync = 192\&.168\&.2\&.255 192\&.168\&.4\&.255\fP
.IP
the above line would cause \fBnmbd\fP to request the
-master browser on the specified subnets or addresses to synchronise
+master browser on the specified subnets or addresses to synchronize
their browse lists with the local server\&.
.IP
The IP addresses you choose would normally be the broadcast addresses
.IP
.IP "\fBroot directory (G)\fP"
.IP
-The server will \f(CW"chroot()"\fP (ie\&. Change it\'s root directory) to
+The server will \f(CW"chroot()"\fP (i\&.e\&. Change it\'s root directory) to
this directory on startup\&. This is not strictly necessary for secure
operation\&. Even without it the server will deny access to files not in
one of the service entries\&. It may also check for, and deny access to,
.IP
This is the same as the \fB"preexec"\fP parameter except
that the command is run as root\&. This is useful for mounting
-filesystems (such as cdroms) before a connection is finalised\&.
+filesystems (such as cdroms) before a connection is finalized\&.
.IP
See also \fB"preexec"\fP\&.
.IP
\fB"security=share"\fP mainly because that was
the only option at one stage\&.
.IP
-There is a bug in WfWg that has relevence to this setting\&. When in
+There is a bug in WfWg that has relevance to this setting\&. When in
user or server level security a WfWg client will totally ignore the
password you type in the "connect drive" dialog box\&. This makes it
very difficult (if not impossible) to connect to a Samba service as
\fBsecurity=user\fP, see the \fB"map to
guest"\fPparameter for details\&.
.IP
-It is possible to use \fBsmbd\fP in a \fI"hybred
+It is possible to use \fBsmbd\fP in a \fI"hybrid
mode"\fP where it is offers both user and share level security under
different \fBNetBIOS aliases\fP\&. See the
\fBNetBIOS aliases\fP and the
connection, but only after the user has been successfully
authenticated\&.
.IP
-\fINote\fP that the the name of the resource being requested is
+\fINote\fP that the name of the resource being requested is
\fI*not*\fP sent to the server until after the server has successfully
authenticated the client\&. This is why guest shares don\'t work in user
level security without allowing the server to automatically map unknown
affects how the server deals with the authentication, it does not in
any way affect what the client sees\&.
.IP
-\fINote\fP that the the name of the resource being requested is
+\fINote\fP that the name of the resource being requested is
\fI*not*\fP sent to the server until after the server has successfully
authenticated the client\&. This is why guest shares don\'t work in server
level security without allowing the server to automatically map unknown
affects how the server deals with the authentication, it does not in
any way affect what the client sees\&.
.IP
-\fINote\fP that the the name of the resource being requested is
+\fINote\fP that the name of the resource being requested is
\fI*not*\fP sent to the server until after the server has successfully
authenticated the client\&. This is why guest shares don\'t work in domain
level security without allowing the server to automatically map unknown
set usernames\&. The communication with a Domain Controller
must be done in UNICODE and Samba currently does not widen
multi-byte user names to UNICODE correctly, thus a multi-byte
-username will not be recognised correctly at the Domain Controller\&.
+username will not be recognized correctly at the Domain Controller\&.
This issue will be addressed in a future release\&.
.IP
See also the section \fB"NOTE ABOUT USERNAME/PASSWORD
.IP
.IP "\fBshare modes (S)\fP"
.IP
-This enables or disables the honouring of the \f(CW"share modes"\fP during a
+This enables or disables the honoring of the \f(CW"share modes"\fP during a
file open\&. These modes are used by clients to gain exclusive read or
write access to a file\&.
.IP
\fB"man setsockopt"\fP will help)\&.
.IP
You may find that on some systems Samba will say "Unknown socket
-option" when you supply an option\&. This means you either mis-typed it
-or you need to add an include file to includes\&.h for your OS\&. If the
-latter is the case please send the patch to
+option" when you supply an option\&. This means you either incorrectly
+typed it or you need to add an include file to includes\&.h for your OS\&.
+If the latter is the case please send the patch to
\fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&.
.IP
Any of the supported socket options may be combined in any way you
enabled by default in any current binary version of Samba\&.
.IP
This variable defines where to look up the Certification
-Autorities\&. The given directory should contain one file for each CA
+Authorities\&. The given directory should contain one file for each CA
that samba will trust\&. The file name must be the hash value over the
"Distinguished Name" of the CA\&. How this directory is set up is
explained later in this document\&. All files within the directory that
certificates of the trusted CAs are collected in one big file and this
variable points to the file\&. You will probably only use one of the two
ways to define your CAs\&. The first choice is preferable if you have
-many CAs or want to be flexible, the second is perferable if you only
+many CAs or want to be flexible, the second is preferable if you only
have one CA and want to keep things simple (you won\'t need to create
the hashed file names)\&. You don\'t need this variable if you don\'t
verify client certificates\&.
\fBDefault:\fP
status = yes
.IP
-dir(\fBstrict locking (S)\fP)
+.IP "\fBstrict locking (S)\fP"
.IP
This is a boolean that controls the handling of file locking in the
server\&. When this is set to \f(CW"yes"\fP the server will check every read and
seem to confuse flushing buffer contents to disk with doing a sync to
disk\&. Under UNIX, a sync call forces the process to be suspended until
the kernel has ensured that all outstanding data in kernel disk
-buffers has been safely stored onto stable storate\&. This is very slow
+buffers has been safely stored onto stable storage\&. This is very slow
and should only be done rarely\&. Setting this parameter to "no" (the
default) means that smbd ignores the Windows applications requests for
a sync call\&. There is only a possibility of losing data if the
\fBDefault:\fP
\f(CW sync always = no\fP
.IP
-\fBxample:\fP
+\fBExample:\fP
\f(CW sync always = yes\fP
.IP
.IP "\fBsyslog (G)\fP"
This parameter maps how Samba debug messages are logged onto the
system syslog logging levels\&. Samba debug level zero maps onto syslog
LOG_ERR, debug level one maps onto LOG_WARNING, debug level two maps
-to LOG_NOTICE, debug level three maps onto LOG_INFO\&. The paramter
+to LOG_NOTICE, debug level three maps onto LOG_INFO\&. The parameter
sets the threshold for doing the mapping, all Samba debug messages
-above this threashold are mapped to syslog LOG_DEBUG messages\&.
+above this threshold are mapped to syslog LOG_DEBUG messages\&.
.IP
\fBDefault:\fP
\f(CW syslog = 1\fP
.IP
.IP "\fBunix password sync (G)\fP"
.IP
-This boolean parameter controlls whether Samba attempts to synchronise
+This boolean parameter controls whether Samba attempts to synchronize
the UNIX password with the SMB password when the encrypted SMB
password in the smbpasswd file is changed\&. If this is set to true the
program specified in the \fB"passwd program"\fP
capitalized, and fails if the username is not found on the UNIX
machine\&.
.IP
-If this parameter is set to non-zero the behaviour changes\&. This
+If this parameter is set to non-zero the behavior changes\&. This
parameter is a number that specifies the number of uppercase
combinations to try whilst trying to determine the UNIX user name\&. The
higher the number the more combinations will be tried, but the slower
.IP
.IP "\fBusername map (G)\fP"
.IP
-This option allows you to to specify a file containing a mapping of
+This option allows you to specify a file containing a mapping of
usernames from the clients to the server\&. This can be used for several
purposes\&. The most common is to map usernames that users use on DOS or
Windows machines to those that the UNIX box uses\&. The other is to map
Samba defaults to using a reasonable set of valid characters
- for english systems
+ for English systems
.DE
\fBExample\fP
\f(CW valid chars = 0345:0305 0366:0326 0344:0304\fP
.IP
-The above example allows filenames to have the swedish characters in
+The above example allows filenames to have the Swedish characters in
them\&.
.IP
NOTE: It is actually quite difficult to correctly produce a \fB"valid
.IP "\fBworkgroup (G)\fP"
.IP
This controls what workgroup your server will appear to be in when
-queried by clients\&. Note that this parameter also controlls the Domain
+queried by clients\&. Note that this parameter also controls the Domain
name used with the \fB"security=domain"\fP
setting\&.
.IP
\fBDefault:\fP
\f(CW set at compile time to WORKGROUP\fP
.IP
-\&.B Example:
+\fBExample:\fP
workgroup = MYGROUP
.IP
.IP "\fBwritable (S)\fP"
.IP
-An inverted synonym is \fB"read only"\fP\&.
-.IP
-If this parameter is \f(CW"no"\fP, then users of a service may not create
-or modify files in the service\'s directory\&.
-.IP
-Note that a printable service \fB("printable = yes")\fP
-will \fI*ALWAYS*\fP allow writing to the directory (user privileges
-permitting), but only via spooling operations\&.
-.IP
-\fBDefault:\fP
-\f(CW writable = no\fP
-.IP
-\fBExamples:\fP
-
-.DS
-
-
- read only = no
- writable = yes
- write ok = yes
-
-.DE
-
-
+Synonym for \fB"writeable"\fP for people who can\'t spell :-)\&.
.IP
.IP "\fBwrite list (S)\fP"
.IP
.IP
.IP "\fBwrite ok (S)\fP"
.IP
-Synonym for \fBwritable\fP\&.
+Synonym for \fBwriteable\fP\&.
.IP
.IP "\fBwrite raw (G)\fP"
.IP
.IP
.IP "\fBwriteable\fP"
.IP
-Synonym for \fB"writable"\fP for people who can\'t spell :-)\&.
+An inverted synonym is \fB"read only"\fP\&.
+.IP
+If this parameter is \f(CW"no"\fP, then users of a service may not create
+or modify files in the service\'s directory\&.
+.IP
+Note that a printable service \fB("printable = yes")\fP
+will \fI*ALWAYS*\fP allow writing to the directory (user privileges
+permitting), but only via spooling operations\&.
+.IP
+\fBDefault:\fP
+\f(CW writeable = no\fP
+.IP
+\fBExamples:\fP
+
+.DS
+
+
+ read only = no
+ writeable = yes
+ write ok = yes
+
+.DE
+
+
.IP
.SH "WARNINGS"
.IP
-.TH "smbclient" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbclient " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbclient \- ftp-like client to access SMB/CIFS resources on servers
may be used\&.
.IP
.IP
-If this parameter is not set then the name resolver order defined
+If this parameter is not set then the name resolve order defined
in the \fBsmb\&.conf\fP file parameter
(\fBname resolve order\fP)
will be used\&.
username is supplied and neither environment variable exists the
username "GUEST" will be used\&.
.IP
-If the \f(CWUSER\fP environment variable containts a \'%\' character,
+If the \f(CWUSER\fP environment variable contains a \'%\' character,
everything after that will be treated as a password\&. This allows you
to set the environment variable to be \f(CWUSER=username%password\fP so
that a password is not passed on the command line (where it may be
.IP
.IP "\fB-m max protocol level\fP"
With the new code in Samba2\&.0,
-\fBsmbclient\fP allways attempts to connect at the maximum
+\fBsmbclient\fP always attempts to connect at the maximum
protocols level the server supports\&. This parameter is
preserved for backwards compatibility, but any string
following the \fB-m\fP will be ignored\&.
share\&. Unless the \fB-D\fP option is given, the tar files will be
restored from the top level of the share\&. Must be followed by the name
of the tar file, device or \f(CW"-"\fP for standard input\&. Mutually exclusive
-with the \fBc\fP flag\&. Restored files have theuir creation times (mtime)
+with the \fBc\fP flag\&. Restored files have their creation times (mtime)
set to the date saved in the tar file\&. Directories currently do not
get their creation dates restored properly\&.
.IP
.IP "\fBI\fP"
Include files and directories\&. Is the default
-behaviour when filenames are specified above\&. Causes tar files to
+behavior when filenames are specified above\&. Causes tar files to
be included in an extract or create (and therefore everything else to
be excluded)\&. See example below\&. Filename globbing does not work for
included files for extractions (yet)\&.
You can specify file names which have spaces in them by quoting the
name with double quotes, for example "a long file name"\&.
.PP
-Parameters shown in square brackets (eg\&., "[parameter]") are
+Parameters shown in square brackets (e\&.g\&., "[parameter]") are
optional\&. If not given, the command will use suitable
-defaults\&. Parameters shown in angle brackets (eg\&., "<parameter>") are
+defaults\&. Parameters shown in angle brackets (e\&.g\&., "<parameter>") are
required\&.
.PP
Note that all commands operating on the server are actually performed
-by issuing a request to the server\&. Thus the behaviour may vary from
+by issuing a request to the server\&. Thus the behavior may vary from
server to server, depending on how the server was implemented\&.
.PP
The commands available are given here in alphabetical order\&.
text\&. Subsequent print commands will use the currently set print
mode\&.
.IP
-dir(\fBprompt\fP) Toggle prompting for filenames during
+.IP "\fBprompt\fP"
+Toggle prompting for filenames during
operation of the \fBmget\fP and \fBmput\fP
commands\&.
.IP
Note that all transfers in smbclient are binary\&. See also the
\fBlowercase\fP command\&.
.IP
-dir(\fBqueue\fP) Displays the print queue, showing the job
+.IP "\fBqueue\fP"
+Displays the print queue, showing the job
id, name, size and current status\&.
.IP
.IP "\fBquit\fP"
See the \fBexit\fP command\&.
.IP
-dir(\fBrd <directory name>\fP) See the \fBrmdir\fP
+.IP "\fBrd <directory name>\fP"
+See the \fBrmdir\fP
command\&.
.IP
-dir(\fBrecurse\fP) Toggle directory recursion for the
+.IP "\fBrecurse\fP"
+Toggle directory recursion for the
commands \fBmget\fP and \fBmput\fP\&.
.IP
When toggled ON, these commands will process all directories in the
and any mask specified using the \fBmask\fP command will be
ignored\&.
.IP
-dir(\fBrm <mask>\fP) Remove all files matching mask from
+.IP "\fBrm <mask>\fP"
+Remove all files matching mask from
the current working directory on the server\&.
.IP
.IP "\fBrmdir <directory name>\fP"
.IP
.IP "\fBtar <c|x>[IXbgNa]\fP"
Performs a tar operation - see
-the \fB-T\fP command line option above\&. Behaviour may be
+the \fB-T\fP command line option above\&. Behavior may be
affected by the \fBtarmode\fP command (see below)\&. Using
g (incremental) and N (newer) will affect tarmode settings\&. Note that
using the "-" option with tar x may not work - use the command line
followed by a valid (greater than zero) blocksize\&. Causes tar file to
be written out in blocksize*TBLOCK (usually 512 byte) blocks\&.
.IP
-dir(\fBtarmode <full|inc|reset|noreset>\fP) Changes tar\'s
-behaviour with regard to archive bits\&. In full mode, tar will back up
+.IP "\fBtarmode <full|inc|reset|noreset>\fP"
+Changes tar\'s
+behavior with regard to archive bits\&. In full mode, tar will back up
everything regardless of the archive bit setting (this is the default
mode)\&. In incremental mode, tar will only back up files with the
archive bit set\&. In reset mode, tar will reset the archive bit on all
.SH "NOTES"
.PP
Some servers are fussy about the case of supplied usernames,
-passwords, share names (aka service names) and machine names\&. If you
+passwords, share names (AKA service names) and machine names\&. If you
fail to connect try giving all parameters in uppercase\&.
.PP
It is often necessary to use the \fB-n\fP option when connecting to some
setgid!
.PP
The client log files should be put in a directory readable and
-writable only by the user\&.
+writeable only by the user\&.
.PP
To test the client, you will need to know the name of a running
SMB/CIFS server\&. It is possible to run \fBsmbd (8)\fP
-.TH "smbd" "8" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbd " "8" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbd \- server to provide SMB/CIFS services to clients
.PP
This program is part of the \fBSamba\fP suite\&.
.PP
-\fBsmbd\fP is the server daemon that provides filesharing services to
+\fBsmbd\fP is the server daemon that provides filesharing and printing
+services to
Windows clients\&. The server provides filespace and printer services to
clients using the SMB (or CIFS) protocol\&. This is compatible with the
LanManager protocol, and can service LanManager clients\&. These
.PP
An extensive description of the services that the server can provide
is given in the man page for the configuration file controlling the
-attributes of those services (see \fBsmb\&.conf (5)\fP)\&. This man page
+attributes of those services (see
+\fBsmb\&.conf (5)\fP\&. This man page
will not describe the services, but will concentrate on the
administrative aspects of running the server\&.
.PP
Please note that there are significant security implications to
-running this server, and the \fBsmb\&.conf (5)\fP manpage should be
+running this server, and the
+\fBsmb\&.conf (5)\fP manpage should be
regarded as mandatory reading before proceeding with installation\&.
.PP
A session is created whenever a client requests one\&. Each client gets
a copy of the server for each session\&. This copy then services all
connections made by the client during that session\&. When all
-connections from its client are are closed, the copy of the server for
+connections from its client are closed, the copy of the server for
that client terminates\&.
.PP
The configuration file, and any files that it includes, are
situation\&.
.IP
.IP "\fB-s configuration file\fP"
-The default configuration file name is
-determined at compile time\&.
-.IP
The file specified contains the configuration details required by the
server\&. The information in this file includes server-specific
information such as what printcap file to use, as well as descriptions
of all the services that the server is to provide\&. See \fBsmb\&.conf
(5)\fP for more information\&.
+The default configuration file name is determined at compile time\&.
.IP
.IP "\fB-i scope\fP"
This specifies a NetBIOS scope that the server will use
.PP
If the server is to be run by the inetd meta-daemon, this file must
contain suitable startup information for the meta-daemon\&. See the
-section \fIINSTALLATION\fP below\&.
+section INSTALLATION below\&.
.PP
\fB/etc/rc\fP
.PP
-(or whatever initialisation script your system uses)\&.
+(or whatever initialization script your system uses)\&.
.PP
If running the server as a daemon at startup, this file will need to
contain an appropriate startup sequence for the server\&. See the
-section \fIINSTALLATION\fP below\&.
+section INSTALLATION below\&.
.PP
\fB/etc/services\fP
.PP
If running the server via the meta-daemon inetd, this file must
-contain a mapping of service name (eg\&., netbios-ssn) to service port
-(eg\&., 139) and protocol type (eg\&., tcp)\&. See the section
-\fIINSTALLATION\fP below\&.
+contain a mapping of service name (e\&.g\&., netbios-ssn) to service port
+(e\&.g\&., 139) and protocol type (e\&.g\&., tcp)\&. See the section
+INSTALLATION below\&.
.PP
\fB/usr/local/samba/lib/smb\&.conf\fP
.PP
to be immune\&.
.PP
The server log files should be put in a directory readable and
-writable only by root, as the log files may contain sensitive
+writeable only by root, as the log files may contain sensitive
information\&.
.PP
The configuration file should be placed in a directory readable and
-writable only by root, as the configuration file controls security for
+writeable only by root, as the configuration file controls security for
the services offered by the server\&. The configuration file can be made
readable by all if desired, but this is not necessary for correct
operation of the server and is not recommended\&. A sample configuration
For serious use as file server it is recommended that \fBsmbd\fP be run
as a daemon\&.
.PP
-When you\'ve decided, continue with either \fIRUNNING THE SERVER AS A
-DAEMON\fP or \fIRUNNING THE SERVER ON REQUEST\fP\&.
+When you\'ve decided, continue with either
+RUNNING THE SERVER AS A DAEMON or
+RUNNING THE SERVER ON REQUEST\&.
.PP
.SH "RUNNING THE SERVER AS A DAEMON"
.PP
.PP
\f(CW/usr/local/samba/bin/smbd -D -l /var/adm/smblogs/log -s /usr/local/samba/lib/smb\&.conf\fP
.PP
-(The above should appear in your initialisation script as a single line\&.
+(The above should appear in your initialization script as a single line\&.
Depending on your terminal characteristics, it may not appear that way in
this man page\&. If the above appears as more than one line, please treat any
newlines or indentation as a single space or TAB character\&.)
.PP
If the options used at compile time are appropriate for your system,
-all parameters except the desired debug level and \fB-D\fP may be
-omitted\&. See the section \fIOPTIONS\fP above\&.
+all parameters except \fB-D\fP may be
+omitted\&. See the section OPTIONS above\&.
.PP
.SH "RUNNING THE SERVER ON REQUEST"
.PP
-If your system uses a meta-daemon such as inetd, you can arrange to
+If your system uses a meta-daemon such as \fBinetd\fP, you can arrange to
have the smbd server started whenever a process attempts to connect to
it\&. This requires several changes to the startup files on the host
machine\&. If you are experimenting as an ordinary user rather than as
[homes]
- writable = yes
+ writeable = yes
[printers]
- writable = no
+ writeable = no
printable = yes
path = /tmp
public = yes
now be able to connect to the service \f(CW\e\efred\emary\fP\&.
.PP
To properly test and experiment with the server, we recommend using
-the smbclient program (see \fBsmbclient (1)\fP) and also going through
+the smbclient program (see
+\fBsmbclient (1)\fP) and also going through
the steps outlined in the file \fIDIAGNOSIS\&.txt\fP in the \fIdocs/\fP
directory of your Samba installation\&.
.PP
level used by the server\&. If you have problems, set the debug level to
3 and peruse the log files\&.
.PP
-Most messages are reasonably self-explanatory\&. Unfortunately, at time
-of creation of this man page there are too many diagnostics available
+Most messages are reasonably self-explanatory\&. Unfortunately, at the time
+this man page was created, there are too many diagnostics available
in the source code to warrant describing each and every diagnostic\&. At
this stage your best bet is still to grep the source code and inspect
the conditions that gave rise to the diagnostics you are seeing\&.
.PP
To shut down a users smbd process it is recommended that SIGKILL (-9)
\fINOT\fP be used, except as a last resort, as this may leave the shared
-memory area in an inconsistant state\&. The safe way to terminate an
+memory area in an inconsistent state\&. The safe way to terminate an
smbd is to send it a SIGTERM (-15) signal and wait for it to die on
its own\&.
.PP
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba\&.anu\&.edu\&.au)\&. Samba is now developed
+Andrew Tridgell \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed\&.
.PP
-.TH SMBMNT 8 "09 Oct 1998" "smbmnt 2.0.0-alpha11"
+.TH SMBMNT 8 "13 Nov 1998" "smbmnt 2.0.0-beta1"
.SH NAME
smbmnt \- mount smb file system
.SH SYNOPSIS
-.TH SMBMOUNT 8 "09 Oct 1998" "smbmount 2.0.0-alpha11"
+.TH SMBMOUNT 8 "13 Nov 1998" "smbmount 2.0.0-beta1"
.SH NAME
smbmount \- mount smb file system
.SH SYNOPSIS
-.TH "smbpasswd" "5" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbpasswd " "5" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbpasswd \- The Samba encrypted password file
This file is part of the \fBSamba\fP suite\&.
.PP
smbpasswd is the \fBSamba\fP encrypted password file\&. It contains
-the username, unix user id and the SMB hashed passwords of the
+the username, Unix user id and the SMB hashed passwords of the
user, as well as account flag information and the time the password
was last changed\&. This file format has been evolving with Samba
and has had several different formats in the past\&.
.SH "FILE FORMAT"
.PP
The format of the smbpasswd file used by Samba 2\&.0 is very similar to
-the familiar unix \fBpasswd (5)\fP file\&. It is an ASCII file containing
+the familiar Unix \fBpasswd (5)\fP file\&. It is an ASCII file containing
one line for each user\&. Each field within each line is separated from
the next by a colon\&. Any entry beginning with # is ignored\&. The
smbpasswd file contains the following information for each user:
.br
.IP
This is the UNIX uid\&. It must match the uid field for the same
-user entry in the standard UNIX passwd file\&.
+user entry in the standard UNIX passwd file\&. If this does not
+match then Samba will refuse to recognize this \fBsmbpasswd\fP file entry
+as being valid for a user\&.
.IP
.IP "\fBLanman Password Hash\fP"
.br
string with the users password as the DES key\&. This is the same
password used by Windows 95/98 machines\&. Note that this password hash
is regarded as weak as it is vulnerable to dictionary attacks and if
-two users choose the same password this entry will be identical (ie\&.
+two users choose the same password this entry will be identical (i\&.e\&.
the password is not \fI"salted"\fP as the UNIX password is)\&. If the
user has a null password this field will contain the characters
\f(CW"NO PASSWORD"\fP as the start of the hex string\&. If the hex string
.IP
\fIWARNING !!\fP\&. Note that, due to the challenge-response nature of the
SMB/CIFS authentication protocol, anyone with a knowledge of this
-password hash will be able to impersonate the user of the network\&.
+password hash will be able to impersonate the user on the network\&.
For this reason these hashes are known as \fI"plain text equivalent"\fP
and must \fINOT\fP be made available to anyone but the root user\&. To
protect these passwords the \fBsmbpasswd\fP file is placed in a
Password Hash\fP as it preserves the case of the
password and uses a much higher quality hashing algorithm\&. However, it
is still the case that if two users choose the same password this
-entry will be identical (ie\&. the password is not \fI"salted"\fP as the
+entry will be identical (i\&.e\&. the password is not \fI"salted"\fP as the
UNIX password is)\&.
.IP
\fIWARNING !!\fP\&. Note that, due to the challenge-response nature of the
SMB/CIFS authentication protocol, anyone with a knowledge of this
-password hash will be able to impersonate the user of the network\&.
+password hash will be able to impersonate the user on the network\&.
For this reason these hashes are known as \fI"plain text equivalent"\fP
and must \fINOT\fP be made available to anyone but the root user\&. To
protect these passwords the \fBsmbpasswd\fP file is placed in a
.IP
.IP
.IP o
-\fB\'U\'\fP This means this is a \fI"User"\fP account, ie\&. an ordinary
-user\&. Only \fBUser\fP and \fBWorskstation Trust\fP accounts are
+\fB\'U\'\fP This means this is a \fI"User"\fP account, i\&.e\&. an ordinary
+user\&. Only \fBUser\fP and \fBWorkstation Trust\fP accounts are
currently supported in the \fBsmbpasswd\fP file\&.
.IP
.IP o
in the \fBsmb\&.conf (5)\fP config file\&.
.IP
.IP o
-\fB\'D\'\fP This means the account is diabled and no SMB/CIFS logins
+\fB\'D\'\fP This means the account is disabled and no SMB/CIFS logins
will be allowed for this user\&.
.IP
.IP o
.SH "AUTHOR"
.PP
The original Samba software and related utilities were created by
-Andrew Tridgell (samba-bugs@samba\&.anu\&.edu\&.au)\&. Samba is now developed
+Andrew Tridgell \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Samba is now developed
by the Samba Team as an Open Source project similar to the way the
Linux kernel is developed\&.
.PP
The original Samba man pages were written by Karl Auer\&. The man page
sources were converted to YODL format (another excellent piece of Open
-Source software) and updated for the Samba2\&.0 release by Jeremy
+Source software, available at
+\fBftp://ftp\&.icce\&.rug\&.nl/pub/unix/\fP)
+and updated for the Samba2\&.0 release by Jeremy
Allison, \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&.
.PP
See \fBsamba (7)\fP to find out how to get a full
-.TH "smbpasswd" "8" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbpasswd " "8" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbpasswd \- change a users SMB password
.PP
By default (when run with no arguments) it will attempt to change the
current users SMB password on the local machine\&. This is similar to
-the way the \fBpasswd (1)\fP program works\&. \fBsmbpasswd\fP differs from
+the way the \fBpasswd (1)\fP program works\&. \fBsmbpasswd\fP differs from how
the \fBpasswd\fP program works however in that it is not \fIsetuid root\fP
but works in a client-server mode and communicates with a locally
running \fBsmbd\fP\&. As a consequence in order for this
PASSWORD" in the \fBsmbpasswd\fP file) then just
press the <Enter> key when asked for your old password\&.
.PP
-\fBsmbpasswd\fP also can be used by a normal user to change their SMB
+\fBsmbpasswd\fP can also be used by a normal user to change their SMB
password on remote machines, such as Windows NT Primary Domain
Controllers\&. See the (\fB-r\fP) and
\fB-U\fP options below\&.
.PP
When run by root, \fBsmbpasswd\fP allows new users to be added and
deleted in the \fBsmbpasswd\fP file, as well as
-changes to the attributes of the user in this file to be made\&. When
+allows changes to the attributes of the user in this file to be made\&. When
run by root, \fBsmbpasswd\fP accesses the local
\fBsmbpasswd\fP file directly, thus enabling
changes to be made even if \fBsmbd\fP is not running\&.
the new password typed (type <Enter> for the old password)\&. This
option is ignored if the username following already exists in the
\fBsmbpasswd\fP file and it is treated like a
-regular change password command\&. Note that the user to be added \&.B
-must already exist in the system password file (usually /etc/passwd)
+regular change password command\&. Note that the user to be added
+\fBmust\fP already exist in the system password file (usually /etc/passwd)
else the request to add the user will fail\&.
.IP
This option is only available when running \fBsmbpasswd\fP as
Domain Controllers only have a read-only copy of the user account
database and will not allow the password change)\&.
.IP
+\fINote\fP that Windows 95/98 do not have a real password database
+so it is not possible to change passwords specifying a Win95/98
+machine as remote machine target\&.
+.IP
.IP "\fB-R name resolve order\fP"
This option allows the user of
smbclient to determine what name resolution services to use when
.IP o
\fBhost\fP : Do a standard host name to IP address resolution,
using the system /etc/hosts, NIS, or DNS lookups\&. This method of name
-resolution is operating system depended for instance on IRIX or
-Solaris this may be controlled by the \fI/etc/nsswitch\&.conf\fP file)\&.
+resolution is operating system dependent\&. For instance on IRIX or
+Solaris, this may be controlled by the \fI/etc/nsswitch\&.conf\fP file)\&.
.IP
.IP o
-\fBwins\fP : Query a name with the IP address listed in the \fBwins
-server\fP parameter in the smb\&.conf file\&. If
+\fBwins\fP : Query a name with the IP address listed in the
+\fBwins server\fP parameter in the
+\fBsmb\&.conf file\fP\&. If
no WINS server has been specified this method will be ignored\&.
.IP
.IP o
subnet\&.
.IP
.IP
-If this parameter is not set then the name resolver order defined
+If this parameter is not set then the name resolve order defined
in the \fBsmb\&.conf\fP file parameter
\fBname resolve order\fP
will be used\&.
the machine account password used to create the secure Domain
communication\&. This password is then stored by \fBsmbpasswd\fP in a
file, read only by root, called \f(CW<Domain>\&.<Machine>\&.mac\fP where
-\f(CW<Domain>\fP is the name of the Domain we are joining and tt<Machine>
+\f(CW<Domain>\fP is the name of the Domain we are joining and \f(CW<Machine>\fP
is the primary NetBIOS name of the machine we are running on\&.
.IP
Once this operation has been performed the
selecting the correct one for running as root or as an ordinary user\&.
.IP
.IP "\fB-s\fP"
-This option causes \fBsmbpasswd\fP to be silent (ie\&. not
+This option causes \fBsmbpasswd\fP to be silent (i\&.e\&. not
issue prompts) and to read it\'s old and new passwords from standard
input, rather than from \f(CW/dev/tty\fP (like the \fBpasswd (1)\fP program
does)\&. This option is to aid people writing scripts to drive \fBsmbpasswd\fP
.IP
-dir(\fBusername\fP) This specifies the username for all of the \fIroot
+.IP "\fBusername\fP"
+This specifies the username for all of the \fIroot
only\fP options to operate on\&. Only root can specify this parameter as
only root has the permission needed to modify attributes directly
in the local \fBsmbpasswd\fP file\&.
.IP
.SH "NOTES"
.IP
-As \fBsmbpasswd\fP works in client-server mode communicating with a
+Since \fBsmbpasswd\fP works in client-server mode communicating with a
local \fBsmbd\fP for a non-root user then the \fBsmbd\fP
daemon must be running for this to work\&. A common problem is to add a
restriction to the hosts that may access the \fBsmbd\fP running on the
-.TH "smbrun" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbrun " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbrun \- interface program between smbd and external programs
-.TH "smbstatus" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbstatus " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbstatus \- report on current Samba connections
-.TH "smbtar" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "smbtar " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
smbtar \- shell script for backing up SMB/CIFS shares directly to UNIX tape drives
-.TH SMBUMOUNT 8 "09 Oct 1998" "smbumount 2.0.0-alpha11"
+.TH SMBUMOUNT 8 "13 Nov 1998" "smbumount 2.0.0-beta1"
.SH NAME
smbumount \- umount for normal users
.SH SYNOPSIS
-.TH "swat" "8" "23 Oct 1998" "Samba" "SAMBA"
+.TH "swat " "8" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
swat \- swat - Samba Web Administration Tool
configurable options in the \fBsmb\&.conf\fP file
allowing an administrator to easily look up the effects of any change\&.
.PP
-\fBswat\fP can be run as a stand-alone daemon, from \fBinetd\fP,
-or invoked via CGI from a Web server\&.
+\fBswat\fP is run from \fBinetd\fP
.PP
.SH "OPTIONS"
.PP
.IP
.IP "\fB-a\fP"
.IP
-This option is only used if \fBswat\fP is running as it\'s own mini-web
-server (see the \fBINSTALLATION\fP section below)\&.
+This option disables authentication and puts \fBswat\fP in demo mode\&. In
+that mode anyone will be able to modify the
+\fBsmb\&.conf\fP file\&.
.IP
-This option removes the need for authentication needed to modify the
-\fBsmb\&.conf\fP file\&. \fI**THIS IS ONLY MEANT FOR
-DEMOING SWAT AND MUST NOT BE SET IN NORMAL SYSTEMS**\fP as it would
-allow \fI*ANYONE*\fP to modify the \fBsmb\&.conf\fP
-file, thus giving them root access\&.
+Do NOT enable this option on a production server\&.
.IP
.PP
.SH "INSTALLATION"
.PP
-.SH "RUNNING VIA INETD"
+.SH "INETD INSTALLATION"
.PP
You need to edit your \f(CW/etc/inetd\&.conf\fP and \f(CW/etc/services\fP to
-enable \fBSWAT\fP to be launched via inetd\&. Note that \fBswat\fP can also
-be launched via the cgi-bin mechanisms of a web server (such as
-apache) and that is described below in the section \fBRUNNING VIA
-CGI-BIN\fP\&.
+enable \fBSWAT\fP to be launched via inetd\&.
.PP
In \f(CW/etc/services\fP you need to add a line like this:
.PP
.PP
\f(CWswat stream tcp nowait\&.400 root /usr/local/samba/bin/swat swat\fP
.PP
-If you just want to see a demo of how swat works and don\'t want to be
-able to actually change any Samba config via swat then you may chose
-to change \f(CW"root"\fP to some other user that does not have permission
-to write to \fBsmb\&.conf\fP\&.
-.PP
One you have edited \f(CW/etc/services\fP and \f(CW/etc/inetd\&.conf\fP you need
to send a HUP signal to inetd\&. To do this use \f(CW"kill -1 PID"\fP where
PID is the process ID of the inetd daemon\&.
.PP
-.SH "RUNNING VIA CGI-BIN"
-.PP
-To run \fBswat\fP via your web servers cgi-bin capability you need to
-copy the \fBswat\fP binary to your cgi-bin directory\&. Note that you
-should run \fBswat\fP either via \fBinetd\fP or via
-cgi-bin but not both\&.
-.PP
-Then you need to create a \f(CWswat/\fP directory in your web servers root
-directory and copy the \f(CWimages/*\fP and \f(CWhelp/*\fP files found in the
-\f(CWswat/\fP directory of your Samba source distribution into there so
-that they are visible via the URL \f(CWhttp://your\&.web\&.server/swat/\fP
-.PP
-Next you need to make sure you modify your web servers authentication
-to require a username/pssword for the URL
-\f(CWhttp://your\&.web\&.server/cgi-bin/swat\fP\&. \fI**Don\'t forget this
-step!**\fP If you do forget it then you will be allowing anyone to edit
-your Samba configuration which would allow them to easily gain root
-access on your machine\&.
-.PP
-After testing the authentication you need to change the ownership and
-permissions on the \fBswat\fP binary\&. It should be owned by root wth the
-setuid bit set\&. It should be ONLY executable by the user that the web
-server runs as\&. Make sure you do this carefully!
-.PP
-for example, the following would be correct if the web server ran as
-group \f(CW"nobody"\fP\&.
-.PP
-\f(CW-rws--x--- 1 root nobody \fP
-.PP
-You must also realise that this means that any user who can run
-programs as the \f(CW"nobody"\fP group can run \fBswat\fP and modify your
-Samba config\&. Be sure to think about this!
-.PP
.SH "LAUNCHING"
.PP
-To launch \fBswat\fP just run your favourite web browser and point it at
-\f(CWhttp://localhost:901/\fP or \f(CWhttp://localhost/cgi-bin/swat/\fP
-depending on how you installed it\&.
+To launch \fBswat\fP just run your favorite web browser and point it at
+\f(CWhttp://localhost:901/\fP\&.
.PP
-Note that you can attach to \fBswat\fP from any IP connected machine but
+\fBNote that you can attach to \fBswat\fP from any IP connected machine but
connecting from a remote machine leaves your connection open to
password sniffing as passwords will be sent in the clear over the
-wire\&.
-.PP
-If installed via \fBinetd\fP then you should be prompted for a
-username/password when you connect\&. You will need to provide the
-username \f(CW"root"\fP and the correct root password\&. More sophisticated
-authentication options are planned for future versions of \fBswat\fP\&.
-.PP
-If installed via cgi-bin then you should receive whatever
-authentication request you configured in your web server\&.
+wire\&.\fP
.PP
.SH "FILES"
.PP
\fB/etc/inetd\&.conf\fP
.PP
-If the server is to be run by the inetd meta-daemon, this file must
-contain suitable startup information for the meta-daemon\&. See the
-section \fBRUNNING VIA INETD\fP above\&.
+This file must contain suitable startup information for the
+meta-daemon\&.
.PP
\fB/etc/services\fP
.PP
-If running the server via the meta-daemon inetd, this file must
-contain a mapping of service name (eg\&., swat) to service port
-(eg\&., 901) and protocol type (eg\&., tcp)\&. See the section
-\fBRUNNING VIA INETD\fP above\&.
+This file must contain a mapping of service name (e\&.g\&., swat) to
+service port (e\&.g\&., 901) and protocol type (e\&.g\&., tcp)\&.
.PP
\fB/usr/local/samba/lib/smb\&.conf\fP
.PP
-.TH "testparm" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "testparm " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
testparm \- check an smb\&.conf configuration file for internal correctness
allow"\fP and \fB"hosts
deny"\fP parameters in the
\fBsmb\&.conf\fP file to determine if the hostname
-with this IP address would be allowed acces to the
+with this IP address would be allowed access to the
\fBsmbd\fP server\&. If this parameter is supplied, the
hostIP parameter must also be supplied\&.
.IP
-.TH "testparm" "1" "23 Oct 1998" "Samba" "SAMBA"
+.TH "testprns " "1" "23 Oct 1998" "Samba" "SAMBA"
.PP
.SH "NAME"
-testparm \- check printer name for validity with smbd
+testprns \- check printer name for validity with smbd
.PP
.SH "SYNOPSIS"
.PP
.IP
Printer names are taken from the first field in each record in the
printcap file, single printer names and sets of aliases separated by
-vertical bars ("|") are recognised\&. Note that no validation or
+vertical bars ("|") are recognized\&. Note that no validation or
checking of the printcap syntax is done beyond that required to
extract the printer name\&. It may be that the print spooling system is
more forgiving or less forgiving than \fBtestprns\fP\&. However, if
!==
-!== Application_Serving.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Application_Serving.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributed: January 7, 1997
Updated: March 24, 1998
!==
-!== BROWSING-Config.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== BROWSING-Config.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Date: July 5, 1998
Contributor: John H Terpstra <jht@samba.anu.edu.au>
!==
-!== BROWSING.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== BROWSING.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Author/s: Many (Thanks to Luke, Jeremy, Andrew, etc.)
Updated: July 5, 1998
!==
-!== BUGS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== BUGS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Samba Team
Updated: June 27, 1997
!==
-!== CVS_ACCESS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== CVS_ACCESS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Modified from the Web pages by Jeremy Allison.
Date: 23 Dec 1997
!==
-!== DHCP-Server-Configuration.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== DHCP-Server-Configuration.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Subject: DHCP Server Configuration for SMB Clients
Date: March 1, 1998
!==
-!== DIAGNOSIS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== DIAGNOSIS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Andrew Tridgell
Updated: October 14, 1997
!==
-!== DNIX.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== DNIX.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
DNIX has a problem with seteuid() and setegid(). These routines are
needed for Samba to work correctly, but they were left out of the DNIX
!==
-!== DOMAIN.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== DOMAIN.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Samba Team
Updated: June 27, 1997
!==
-!== DOMAIN_CONTROL.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== DOMAIN_CONTROL.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Initial Release: August 22, 1996
Contributor: John H Terpstra <samba-bugs@samba.anu.edu.au>
!==
-!== ENCRYPTION.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== ENCRYPTION.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Jeremy Allison <samba-bugs@samba.anu.edu.au>
Updated: March 19, 1998
!==
-!== Faxing.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Faxing.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Gerhard Zuber <zuber@berlin.snafu.de>
Date: August 5th 1997.
!==
-!== GOTCHAS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== GOTCHAS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
This file lists Gotchas to watch out for:
=========================================================================
!==
-!== HINTS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== HINTS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Many
Updated: Not for a long time!
!==
-!== MIRRORS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== MIRRORS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
For a list of web and ftp mirrors please see
!==
-!== Macintosh_Clients.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Macintosh_Clients.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
> Are there any Macintosh clients for Samba?
!==
-!== NTDOMAIN.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== NTDOMAIN.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Luke Kenneth Casson Leighton (samba-bugs@samba.anu.edu.au)
Copyright (C) 1997 Luke Kenneth Casson Leighton
!==
-!== NetBIOS.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== NetBIOS.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: lkcl - samba-bugs@arvidsjaur.anu.edu.au
Copyright 1997 Luke Kenneth Casson Leighton
!==
-!== OS2-Client-HOWTO.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== OS2-Client-HOWTO.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
!==
-!== PRINTER_DRIVER.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== PRINTER_DRIVER.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
==========================================================================
Supporting the famous PRINTER$ share
!==
-!== PROFILES.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== PROFILES.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributors: Bruce Cook <BC3-AU@bigfoot.com>
Copyright (C) 1998 Bruce Cook
!==
-!== Passwords.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Passwords.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Unknown
Date: Unknown
!==
-!== Printing.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Printing.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Unknown <samba-bugs@samba.anu.edu.au>
Date: Unknown
!==
-!== Recent-FAQs.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Recent-FAQs.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Samba-bugs@samba.anu.edu.au
Date: July 5, 1998
!==
-!== RoutedNetworks.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== RoutedNetworks.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
#NOFNR Flag in LMHosts to Communicate Across Routers\r
\r
\r
\r
This will cause the directed Name Queries to not go out for any\r
-remote machines.
\ No newline at end of file
!==
-!== SCO.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== SCO.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Geza Makay <makayg@math.u-szeged.hu>
Date: Unknown
!==
-!== SSLeay.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== SSLeay.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Christian Starkjohann <cs@obdev.at>
Date: May 29, 1998
!==
-!== Speed.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Speed.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Andrew Tridgell
Date: January 1995
!==
-!== Speed2.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Speed2.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Paul Cochrane <paulc@dth.scot.nhs.uk>
Organization: Dundee Limb Fitting Centre
!==
-!== Support.txt for Samba release 2.0
+!== Support.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
The Samba Consultants List
==========================
!==
-!== Tracing.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Tracing.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Andrew Tridgell <samba-bugs@samba.anu.edu.au>
Date: Old
!==
-!== UNIX-SMB.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== UNIX-SMB.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Andrew Tridgell <samba-bugs@samba.anu.edu.au>
Date: April 1995
!==
-!== UNIX_INSTALL.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== UNIX_INSTALL.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Andrew Tridgell <samba-bugs@samba.anu.edu.au>
Date: Unknown
!==
-!== UNIX_SECURITY.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== UNIX_SECURITY.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: John H Terpstra <jht@samba.anu.edu.au>
Date: July 5, 1998
!==
-!== Win95.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== Win95.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Copyright (C) 1997 - Samba-Team
Contributed Date: August 20, 1997
!==
-!== WinNT.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== WinNT.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributors: Various
Password Section - Copyright (C) 1997 - John H Terpstra
!==
-!== cifsntdomain.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== cifsntdomain.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
NT Domain Authentication
------------------------
!==
-!== security_level.txt for Samba release 2.0.0-alpha11 09 Oct 1998
+!== security_level.txt for Samba release 2.0.0-beta1 13 Nov 1998
!==
Contributor: Andrew Tridgell
Updated: June 27, 1997