From: Jelmer Vernooij <jelmer@samba.org> 
Date: Mon, 31 Mar 2003 21:08:23 +0000 (+0000)
Subject: Update NT_Security for 3.0
X-Git-Url: http://git.samba.org/samba.git/?a=commitdiff_plain;ds=sidebyside;h=6cb01d215621af0cb6ecd3e503ca0182f448c4a2;hp=137254a16cf48a37be53477713dd41af7a81f505;p=kai%2Fsamba.git

Update NT_Security for 3.0
---

diff --git a/docs/docbook/projdoc/NT_Security.sgml b/docs/docbook/projdoc/NT_Security.sgml
index 28433315195..a68a820b76e 100644
--- a/docs/docbook/projdoc/NT_Security.sgml
+++ b/docs/docbook/projdoc/NT_Security.sgml
@@ -22,10 +22,8 @@
 	<title>Viewing and changing UNIX permissions using the NT 
 	security dialogs</title>
 
-
-	<para>New in the Samba 2.0.4 release is the ability for Windows 
-	NT clients to use their native security settings dialog box to 
-	view and modify the underlying UNIX permissions.</para>
+	<para>Windows NT clients can use their native security settings 
+	dialog box to view and modify the underlying UNIX permissions.</para>
 
 	<para>Note that this ability is careful not to compromise 
 	the security of the UNIX host Samba is running on, and 
@@ -36,13 +34,12 @@
 <sect1>
 	<title>How to view file security on a Samba share</title>
 
-	<para>From an NT 4.0 client, single-click with the right 
+	<para>From an NT4/2000/XP client, single-click with the right 
 	mouse button on any file or directory in a Samba mounted 
 	drive letter or UNC path. When the menu pops-up, click 
 	on the <emphasis>Properties</emphasis> entry at the bottom of 
-	the menu. This brings up the normal file properties dialog
-	box, but with Samba 2.0.4 this will have a new tab along the top
-	marked <emphasis>Security</emphasis>. Click on this tab and you 
+	the menu. This brings up the file properties dialog
+	box. Click on the tab <emphasis>Security</emphasis> and you 
 	will see three buttons, <emphasis>Permissions</emphasis>, 	
 	<emphasis>Auditing</emphasis>, and <emphasis>Ownership</emphasis>. 
 	The <emphasis>Auditing</emphasis> button will cause either 
@@ -89,7 +86,7 @@
 
 	<para>There is an NT chown command that will work with Samba 
 	and allow a user with Administrator privilege connected 
-	to a Samba 2.0.4 server as root to change the ownership of 
+	to a Samba server as root to change the ownership of 
 	files on both a local NTFS filesystem or remote mounted NTFS 
 	or Samba drive. This is available as part of the <emphasis>Seclib
 	</emphasis> NT security library written by Jeremy Allison of 
@@ -193,7 +190,7 @@
 	</command> message.</para>
 
 	<para>The first thing to note is that the <command>"Add"</command> 
-	button will not return a list of users in Samba 2.0.4 (it will give 
+	button will not return a list of users in Samba (it will give 
 	an error message of <command>"The remote procedure call failed 
 	and did not execute"</command>). This means that you can only 
 	manipulate the current user/group/world permissions listed in 
@@ -233,8 +230,9 @@
 	<title>Interaction with the standard Samba create mask 
 	parameters</title>
 
-	<para>Note that with Samba 2.0.5 there are four new parameters 
-	to control this interaction.  These are :</para>
+	<para>There are four parameters 
+	to control interaction with the standard Samba create mask parameters.
+	These are :</para>
 
 	<para><parameter>security mask</parameter></para>
 	<para><parameter>force security mode</parameter></para>
@@ -256,9 +254,8 @@
 
 	<para>If not set explicitly this parameter is set to the same value as 
 	the <ulink url="smb.conf.5.html#CREATEMASK"><parameter>create mask
-	</parameter></ulink> parameter to provide compatibility with Samba 2.0.4 
-	where this permission change facility was introduced. To allow a user to 
-	modify all the user/group/world permissions on a file, set this parameter 
+	</parameter></ulink> parameter. To allow a user to modify all the
+	user/group/world permissions on a file, set this parameter 
 	to 0777.</para>
 
 	<para>Next Samba checks the changed permissions for a file against 
@@ -273,8 +270,7 @@
 
 	<para>If not set explicitly this parameter is set to the same value 
 	as the <ulink url="smb.conf.5.html#FORCECREATEMODE"><parameter>force 
-	create mode</parameter></ulink> parameter to provide compatibility
-	with Samba 2.0.4 where the permission change facility was introduced.
+	create mode</parameter></ulink> parameter.
 	To allow a user to modify all the user/group/world permissions on a file
 	with no restrictions set this parameter to 000.</para>
 
@@ -293,9 +289,7 @@
 	by default is set to the same value as the <parameter>directory mask
 	</parameter> parameter and the <parameter>force directory security 
 	mode</parameter> parameter by default is set to the same value as 
- 	the <parameter>force directory mode</parameter> parameter to provide 
-	compatibility with Samba 2.0.4 where the permission change facility 
-	was introduced.</para>
+ 	the <parameter>force directory mode</parameter> parameter. </para>
 
 	<para>In this way Samba enforces the permission restrictions that 
 	an administrator can set on a Samba share, whilst still allowing users 
@@ -311,15 +305,6 @@
 	<para><parameter>force security mode = 0</parameter></para>
 	<para><parameter>directory security mask = 0777</parameter></para>
 	<para><parameter>force directory security mode = 0</parameter></para>
-
-	<para>As described, in Samba 2.0.4 the parameters :</para>
-
-	<para><parameter>create mask</parameter></para>
-	<para><parameter>force create mode</parameter></para>
-	<para><parameter>directory mask</parameter></para>
-	<para><parameter>force directory mode</parameter></para>
-
-	<para>were used instead of the parameters discussed here.</para>
 </sect1>
 
 <sect1>
diff --git a/docs/docs-status b/docs/docs-status
index c1b17d0838e..28b88f428f7 100644
--- a/docs/docs-status
+++ b/docs/docs-status
@@ -11,7 +11,6 @@ docs/docbook/manpages/smb.conf.5.sgml - 'restrict anonymous' isn't documented pr
 docs/docbook/projdoc/DOMAIN_MEMBER.sgml - Needs update to 3.0
 docs/docbook/projdoc/ADS-HOWTO.sgml - seems outdated (it says we require 'ads server' when in ads mode, though that's not true, according to the manpages...)
 docs/docbook/projdoc/Integrating-with-Windows.sgml - Should slowly go a way. Contains a little bit information about wins, a little bit about domain membership, a little about winbind, etc
-docs/docbook/projdoc/NT_Security.sgml - probably outdated
 docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml
 docs/docbook/projdoc/Printing.sgml - Cups is not documented, smbprint, printing /to/ a windows server... - Kurt Pfeifle
 docs/docbook/projdoc/Samba-BDC-HOWTO.sgml - Needs update to 3.0
@@ -25,6 +24,7 @@ docs/textdocs/CUPS-PrintingInfo.txt - needs to be converted to sgml - Kurt Pfeif
 docs/textdocs/PROFILES.txt - needs to be converted to sgml
 docs/textdocs/README.jis - Seems to need updating - possibly obsoleted by a newer japanese howto?
 docs/textdocs/RoutedNetworks.txt - still valid, but shouldn't this go into Other_clients.sgml ? This text originally comes from microsoft, what about copyright?
+docs/docbook/manpages/ntlm_auth.1.sgml - Is very basic at the moment, parameters need better descriptions
 
 These still need to be checked:
 docs/docbook/manpages/smbmnt.8.sgml
@@ -38,9 +38,7 @@ docs/docbook/manpages/smbumount.8.sgml
 docs/docbook/manpages/testprns.1.sgml
 
 Stuff that needs to be documented:
-ntlm_auth
 wrepld
-editreg
 Windows NT 4.0 Style Trust Relationship
 Winbind in a samba controlled domain
 One Time Migration script from a Windows NT 4.0 PDC to a Samba PDC