1 From caea507e6b57a82e059803e307f87fd39affde9c Mon Sep 17 00:00:00 2001
2 From: Andreas Schneider <asn@samba.org>
3 Date: Wed, 15 Jul 2015 13:22:40 +0200
4 Subject: [PATCH] PATCHSET31: docs: Documents length limitations for NetBIOS
7 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11401
9 Signed-off-by: Andreas Schneider <asn@samba.org>
10 Reviewed-by: Michael Adam <obnox@samba.org>
12 Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
13 Autobuild-Date(master): Wed Jul 15 19:35:48 CEST 2015 on sn-devel-104
15 docs-xml/smbdotconf/base/netbiosname.xml | 2 ++
16 1 file changed, 2 insertions(+)
18 Index: samba-3.6.23/docs-xml/smbdotconf/base/netbiosname.xml
19 ===================================================================
20 --- samba-3.6.23.orig/docs-xml/smbdotconf/base/netbiosname.xml
21 +++ samba-3.6.23/docs-xml/smbdotconf/base/netbiosname.xml
23 the hosts DNS name) will be the name that these services are advertised under.
26 + <para>Note that the maximum length for a NetBIOS name is 15 charactars.</para>
29 There is a bug in Samba-3 that breaks operation of browsing and access to shares if the netbios name
30 is set to the literal name <literal>PIPE</literal>. To avoid this problem, do not name your Samba-3
31 Index: samba-3.6.23/docs/manpages/smb.conf.5
32 ===================================================================
33 --- samba-3.6.23.orig/docs/manpages/smb.conf.5
34 +++ samba-3.6.23/docs/manpages/smb.conf.5
38 .\" Author: [see the "AUTHOR" section]
39 -.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
41 +.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
43 .\" Manual: File Formats and Conventions
47 -.TH "SMB\&.CONF" "5" "09/18/2013" "Samba 3\&.6" "File Formats and Conventions"
48 +.TH "SMB\&.CONF" "5" "10/15/2015" "Samba 3\&.6" "File Formats and Conventions"
49 .\" -----------------------------------------------------------------
50 .\" * Define some portability stuff
51 .\" -----------------------------------------------------------------
52 @@ -1201,8 +1201,7 @@ add user to group script (G)
55 Full path to the script that will be called when a user is added to a group using the Windows NT domain administration tools\&. It will be run by
58 +\fBsmbd\fR(8)\fIAS ROOT\fR\&. Any
60 will be replaced with the group name and any
62 @@ -1563,8 +1562,7 @@ smbpasswd
63 will fail to connect in it\*(Aqs default mode\&.
65 can be forced to use the primary IP interface of the local host by using its
67 -\fI\-r \fR\fI\fIremote machine\fR\fR
68 +\fBsmbpasswd\fR(8)\fI\-r \fR\fI\fIremote machine\fR\fR
71 set to the IP name of the primary interface of the local host\&.
72 @@ -1868,8 +1866,7 @@ and
74 are only available if Samba has been compiled against a modern OpenLDAP version (2\&.3\&.x or higher)\&.
76 -This option is needed in the case of Domain Controllers enforcing the usage of signed LDAP connections (e\&.g\&. Windows 2000 SP3 or higher)\&. LDAP sign and seal can be controlled with the registry key "HKLM\eSystem\eCurrentControlSet\eServices\e
77 -NTDS\eParameters\eLDAPServerIntegrity" on the Windows server side\&.
78 +This option is needed in the case of Domain Controllers enforcing the usage of signed LDAP connections (e\&.g\&. Windows 2000 SP3 or higher)\&. LDAP sign and seal can be controlled with the registry key "HKLM\eSystem\eCurrentControlSet\eServices\eNTDS\eParameters\eLDAPServerIntegrity" on the Windows server side\&.
80 Depending on the used KRB5 library (MIT and older Heimdal versions) it is possible that the message "integrity only" is not supported\&. In this case,
82 @@ -2513,8 +2510,7 @@ delete group script (G)
85 This is the full pathname to a script that will be run
88 +\fIAS ROOT\fR\fBsmbd\fR(8)
89 when a group is requested to be deleted\&. It will expand any
91 to the group name passed\&. This script is only useful for installations using the Windows NT domain administration tools\&.
92 @@ -2633,8 +2629,7 @@ delete user from group script (G)
95 Full path to the script that will be called when a user is removed from a group using the Windows NT domain administration tools\&. It will be run by
98 +\fBsmbd\fR(8)\fIAS ROOT\fR\&. Any
100 will be replaced with the group name and any
102 @@ -4895,8 +4890,7 @@ script\&.
103 LDAP connections should be secured where possible\&. This may be done setting
108 +\fIStart_tls\fR\fIor\fR
111 in the URL argument of
112 @@ -4935,9 +4929,7 @@ Please note that this parameter does onl
114 methods\&. To enable the LDAPv3 StartTLS extended operation (RFC2830) for
116 -\m[blue]\fBldap ssl = yes\fR\m[]
118 -\m[blue]\fBldap ssl ads = yes\fR\m[]\&. See
119 +\m[blue]\fBldap ssl = yes\fR\m[]\fIand\fR\m[blue]\fBldap ssl ads = yes\fR\m[]\&. See
121 for more information on
122 \m[blue]\fBldap ssl ads\fR\m[]\&.
123 @@ -5100,8 +5092,7 @@ in elections for local master browser\&.
124 Setting this value to
130 to become a local master browser\&.
133 @@ -5463,7 +5454,6 @@ logon home (G)
135 This parameter specifies the home directory location when a Win95/98 or NT Workstation logs into a Samba PDC\&. It allows you to do
138 C:\e>\fBNET USE H: /HOME\fR
140 from a command prompt, for example\&.
141 @@ -5472,7 +5462,6 @@ This option takes the standard substitut
143 This parameter can be used with Win9X workstations to ensure that roaming profiles are stored in a subdirectory of the user\*(Aqs home directory\&. This is done in the following way:
146 logon home = \e\e%N\e%U\eprofile
148 This tells Samba to return the above string, with substitutions made when a client requests the info, generally in a NetUserGetInfo request\&. Win9X clients truncate the info to \e\eserver\eshare when a user does
149 @@ -6050,7 +6039,6 @@ The three settings are :
155 \- The read only DOS attribute is mapped to the inverse of the user or owner write bit in the unix permission mode set\&. If the owner write bit is not set, the read only attribute is reported as being set on the file\&. If the read only DOS attribute is set, Samba sets the owner, group and others write bits to zero\&. Write bits set in an ACL are ignored by Samba\&. If the read only DOS attribute is unset, Samba simply sets the write bit of the owner to one\&.
157 @@ -6063,7 +6051,6 @@ The three settings are :
163 \- The read only DOS attribute is mapped to the effective permissions of the connecting user, as evaluated by
165 @@ -6078,7 +6065,6 @@ by reading the unix permissions and POSI
171 \- The read only DOS attribute is unaffected by permissions, and can only be set by the
172 \m[blue]\fBstore dos attributes\fR\m[]
173 @@ -6732,7 +6718,6 @@ The options are: "lmhosts", "host", "win
179 : Lookup an IP address in the Samba lmhosts file\&. If the line in lmhosts has no name type attached to the NetBIOS name (see the manpage for lmhosts for details) then any name type matches for lookup\&.
181 @@ -6745,7 +6730,6 @@ The options are: "lmhosts", "host", "win
187 : Do a standard host name to IP address resolution, using the system
188 /etc/hosts, NIS, or DNS lookups\&. This method of name resolution is operating system depended for instance on IRIX or Solaris this may be controlled by the
189 @@ -6833,6 +6817,8 @@ netbios name (G)
191 This sets the NetBIOS name by which a Samba server is known\&. By default it is the same as the first component of the host\*(Aqs DNS name\&. If a machine is a browse server or logon server this name (or the first component of the hosts DNS name) will be the name that these services are advertised under\&.
193 +Note that the maximum length for a NetBIOS name is 15 charactars\&.
195 There is a bug in Samba\-3 that breaks operation of browsing and access to shares if the netbios name is set to the literal name
196 PIPE\&. To avoid this problem, do not name your Samba\-3 server
198 @@ -7639,7 +7625,6 @@ This option specifies a command to be ru
200 An interesting example is to send the users a welcome message every time they log in\&. Maybe a message of the day? Here is an example:
203 preexec = csh \-c \*(Aqecho \e"Welcome to %S!\e" | /usr/local/samba/bin/smbclient \-M %m \-I %I\*(Aq &
205 Of course, this could get annoying after a while :\-)
206 @@ -8452,9 +8437,7 @@ rpc_server (G)
207 Defines what kind of rpc server to use for a named pipe\&. The rpc_server prefix must be followed by the pipe name, and a value\&.
209 Three possible values are currently supported:
213 +embeddeddaemonexternal
215 The classic method is to run every pipe as an internal function
217 @@ -8632,8 +8615,7 @@ security = share
218 server)\&. Instead, the clients send authentication information (passwords) on a per\-share basis, at the time they attempt to connect to that share\&.
224 uses a valid UNIX user to act on behalf of the client, even in
227 @@ -10177,8 +10159,6 @@ This parameter specifies the absolute pa
229 For example, a valid usershare directory might be /usr/local/samba/lib/usershares, set up as follows\&.
236 @@ -10650,10 +10630,10 @@ and
240 -\fI<sfu | rfc2307 >\fR
241 -\- When Samba is running in security = ads and your Active Directory Domain Controller does support the Microsoft "Services for Unix" (SFU) LDAP schema, winbind can retrieve the login shell and the home directory attributes directly from your Directory Server\&. Note that retrieving UID and GID from your ADS\-Server requires to use
242 +\fI<sfu | sfu20 | rfc2307 >\fR
243 +\- When Samba is running in security = ads and your Active Directory Domain Controller does support the Microsoft "Services for Unix" (SFU) LDAP schema, winbind can retrieve the login shell and the home directory attributes directly from your Directory Server\&. For SFU 3\&.0 or 3\&.5 simply choose "sfu", if you use SFU 2\&.0 please choose "sfu20"\&. Note that retrieving UID and GID from your ADS\-Server requires to use
244 \fIidmap config DOMAIN:backend\fR
246 += ad as well\&. The primary group membership is currently always calculated via the "primaryGroupID" LDAP attribute\&.
250 @@ -11036,7 +11016,6 @@ special sections make life for an admini
251 This man page is correct for version 3 of the Samba suite\&.