]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
manpages:samba-tool gpo manage security set
authorDouglas Bagnall <douglas.bagnall@catalyst.net.nz>
Sun, 2 Mar 2025 01:01:53 +0000 (14:01 +1300)
committerDouglas Bagnall <dbagnall@samba.org>
Wed, 12 Mar 2025 19:57:34 +0000 (19:57 +0000)
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Rowland Penny <rpenny@samba.org>
docs-xml/manpages/samba-tool.8.xml

index c4c6f10028260534f1eaae6580b2710bd299f6da..4eeebab8e4c055936c5e206b86aaaff956cd9ed1 100644 (file)
@@ -2986,6 +2986,91 @@ enables most Registry policies.
          </varlistentry>
       </variablelist>
 </refsect3>
+
+<refsect3>
+       <title>gpo manage security set <replaceable>gpo</replaceable> [options]</title>
+
+       <para>Set Samba Security Group Policy to the sysvol.</para>
+
+       <para>This command sets a security setting to the sysvol for
+       applying to winbind clients. Not providing a value will unset
+       the policy. These settings only apply to the AD DC.</para>
+
+       <para>Example:
+       <programlisting>samba-tool gpo manage security set {31B2F340-016D-11D2-945F-00C04FB984F9} MaxTicketAge 10</programlisting>
+       </para>
+       <para>
+         Possible policies:
+         <variablelist>
+           <varlistentry>
+             <term>MaxTicketAge</term>
+             <listitem><para>Maximum lifetime for user ticket (hours).</para></listitem>
+           </varlistentry>
+
+           <varlistentry>
+             <term>MaxServiceAge</term>
+             <listitem><para>Maximum lifetime for service ticket in minutes.
+              Defined in minutes</para></listitem>
+           </varlistentry>
+
+           <varlistentry>
+             <term>MaxRenewAge</term>
+             <listitem><para>Maximum lifetime for user ticket renewal, in minutes.
+              </para></listitem>
+           </varlistentry>
+
+           <varlistentry>
+             <term>MinimumPasswordAge</term>
+             <listitem><para>Minimum password age, in days.
+              </para></listitem>
+           </varlistentry>
+
+           <varlistentry>
+             <term>MaximumPasswordAge</term>
+             <listitem><para>Maximum password age, in days.</para></listitem>
+           </varlistentry>
+
+           <varlistentry>
+             <term>MinimumPasswordLength</term>
+             <listitem><para>Minimum password length, in characters.
+             </para></listitem>
+           </varlistentry>
+
+           <varlistentry>
+             <term>PasswordComplexity</term>
+             <listitem><para>Password must meet complexity requirements.
+              1 is Enabled, 0 is Disabled.</para></listitem>
+           </varlistentry>
+         </variablelist>
+       </para>
+
+<variablelist>
+         <varlistentry>
+           <term>-H URL, --URL=URL</term>
+           <listitem><para>LDB URL for database or target server</para></listitem>
+         </varlistentry>
+</variablelist>
+
+
+       <para>List Samba Security Group Policy from the sysvol.</para>
+
+       <para>This command lists security settings from the sysvol that will
+       be applied to winbind clients. These settings only apply to the
+       AD DC.</para>
+       <para>
+       Example:
+       <programlisting>samba-tool gpo manage security list {31B2F340-016D-11D2-945F-00C04FB984F9}</programlisting>
+      </para>
+
+      <variablelist>
+         <varlistentry>
+           <term>-H URL, --URL=URL</term>
+           <listitem><para>LDB URL for database or target server</para></listitem>
+         </varlistentry>
+      </variablelist>
+</refsect3>
+
+
 <refsect3>
        <title>gpo setinheritance <replaceable>container_dn</replaceable> <replaceable>block|inherit</replaceable> [options]</title>
        <para>Set inheritance flag on a container.</para>