blob: a35fa00fd791a16ea80e52461b30162b068e337d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
|
<?xml version="1.0" encoding="UTF-8"?>
<kcfg xmlns="http://www.kde.org/standards/kcfg/1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0
http://www.kde.org/standards/kcfg/1.0/kcfg.xsd" >
<include>tqfile.h</include>
<include>tdeapplication.h</include>
<include>config.h</include>
<kcfgfile arg="true">
<parameter name="connection"/>
</kcfgfile>
<group name="general">
<entry name="connection" type="String">
<label>Default connection</label>
<default>default</default>
</entry>
<entry name="showsys" type="Bool">
<label>Show system users</label>
<default>true</default>
</entry>
</group>
<group name="connection-$(connection)">
<entry name="source" type="Enum">
<label>The source of the user and group database</label>
<whatsthis>This option allows you to select where the user/group data stored. Currently three storage backends are supported. <BR><B>Files</B> stores user/group data in traditional /etc/passwd and /etc/group flat files. <BR><B>LDAP</B> stores data in a directory server using the posixAccount and posixGroup object classes; this backend allows the management of Samba users/groups via the sambaSamAccount object class.<BR><B>System</B> provides a read-only access to all users and groups which your installation knows about.</whatsthis>
<choices>
<choice name="Files"/>
<choice name="LDAP"/>
<choice name="System"/>
</choices>
<default>Files</default>
</entry>
<entry name="shell" type="String">
<label>Shell</label>
<whatsthis>This option allows you to select the shell which will be the default for new users.</whatsthis>
</entry>
<entry name="homepath" type="String">
<label>Home path template</label>
<whatsthis>This option specifies the UNIX home path template for new users. The '%U' macro will replaced with the actual user name.</whatsthis>
<default code="true">TQFile::decodeName(KU_HOMETEMPLATE)</default>
</entry>
<entry name="firstUID" type="Int">
<label>First UID</label>
<whatsthis>This options specifies the first user ID where searching for an available UID starts.</whatsthis>
<default code="true">KU_FIRSTUID</default>
</entry>
<entry name="firstGID" type="Int">
<label>First GID</label>
<whatsthis>This options specifies the first group ID where searching for an available GID starts.</whatsthis>
<default code="true">KU_FIRSTGID</default>
</entry>
<entry name="createHomeDir" type="Bool">
<label>Create home folder</label>
<whatsthis>If this option is checked then a home directory will created for the new user.</whatsthis>
<default>true</default>
</entry>
<entry name="copySkel" type="Bool">
<label>Copy skeleton to home folder</label>
<whatsthis>If this option is checked then the contents of the skeleton folder will copied to the new user's home directory</whatsthis>
<default>true</default>
</entry>
<entry name="userPrivateGroup" type="Bool">
<label>User private groups</label>
<whatsthis>If this option is enabled, new user creation will create a private group named as the user, and the primary group of the user will assigned to this private group.</whatsthis>
<default code="true">KU_USERPRIVATEGROUP</default>
</entry>
<entry name="defaultgroup" type="Int">
<label>Default primary group</label>
<whatsthis>This is the default primary group which will be assigned to a newly created user.</whatsthis>
<default>100</default>
</entry>
<entry name="smin" type="Int">
<label>smin</label>
<default>0</default>
</entry>
<entry name="smax" type="Int">
<label>smax</label>
<default>-1</default>
</entry>
<entry name="swarn" type="Int">
<label>swarn</label>
<default>-1</default>
</entry>
<entry name="sinact" type="Int">
<label>sinact</label>
<default>-1</default>
</entry>
<entry name="sexpire" type="DateTime">
<label>sexpire</label>
<whatsthis>This setting is for specifying a date when user accounts will expire.</whatsthis>
<default code="true">TQDateTime(TQDate(1970,1,1))</default>
</entry>
<entry name="sneverexpire" type="Bool">
<label>sneverexpire</label>
<whatsthis>Check this if you want to user accounts never expire.</whatsthis>
<default>true</default>
</entry>
<entry name="passwdsrc" type="String">
<label>Password file</label>
<whatsthis>This specifies the users database file (usually /etc/passwd).</whatsthis>
<default>/etc/passwd</default>
</entry>
<entry name="groupsrc" type="String">
<label>Group file</label>
<whatsthis>This specifies the groups database file (usually /etc/group).</whatsthis>
<default>/etc/group</default>
</entry>
<entry name="md5shadow" type="Bool">
<label>MD5 Shadow passwords</label>
<whatsthis>Check this if you want the passwords in the shadow file MD5 hashed. Leave this unchecked if DES encryption should be used.</whatsthis>
</entry>
<entry name="shadowsrc" type="String">
<label>Shadow password file</label>
<whatsthis>Specifies the shadow password file (usually /etc/shadow). Leave this empty if your system does not use a shadow password file.</whatsthis>
<default>/etc/shadow</default>
</entry>
<entry name="gshadowsrc" type="String">
<label>Group shadow file</label>
<whatsthis>Specifies the shadow group file (usually /etc/gshadow). Leave this empty if your system does not use a shadow group file.</whatsthis>
<default>/etc/gshadow</default>
</entry>
<entry name="nispasswdsrc" type="String">
<label>NIS password source</label>
</entry>
<entry name="nisminuid" type="Int">
<label>NIS minimum UID</label>
</entry>
<entry name="nisgroupsrc" type="String">
<label>NIS group source</label>
</entry>
<entry name="nismingid" type="Int">
<label>NIS minimum GID</label>
</entry>
<entry name="ldapuser" type="String">
<label>LDAP User</label>
</entry>
<entry name="ldappassword" type="Password">
<label>LDAP Password</label>
</entry>
<entry name="ldaprealm" type="String">
<label>LDAP SASL Realm</label>
</entry>
<entry name="ldapbinddn" type="String">
<label>LDAP Bind DN</label>
</entry>
<entry name="ldaphost" type="String">
<label>LDAP Host</label>
</entry>
<entry name="ldapport" type="Int">
<label>LDAP Port</label>
<default>389</default>
</entry>
<entry name="ldapver" type="Int">
<label>LDAP version</label>
<default>3</default>
</entry>
<entry name="ldapsizelimit" type="Int">
<label>LDAP Size limit</label>
<default>0</default>
</entry>
<entry name="ldaptimelimit" type="Int">
<label>LDAP Time limit</label>
<default>0</default>
</entry>
<entry name="ldapdn" type="String">
<label>LDAP Base DN</label>
</entry>
<entry name="ldapfilter" type="String">
<label>LDAP Filter</label>
</entry>
<entry name="ldapnosec" type="Bool">
<label>LDAP no encryption</label>
<default>false</default>
</entry>
<entry name="ldaptls" type="Bool">
<label>LDAP TLS</label>
<default>true</default>
</entry>
<entry name="ldapssl" type="Bool">
<label>LDAP SSL</label>
<default>false</default>
</entry>
<entry name="ldapanon" type="Bool">
<label>LDAP Anonymous</label>
<default>false</default>
</entry>
<entry name="ldapsimple" type="Bool">
<label>LDAP Simple auth</label>
<default>true</default>
</entry>
<entry name="ldapsasl" type="Bool">
<label>LDAP SASL auth</label>
<default>false</default>
</entry>
<entry name="ldapsaslmech" type="String">
<label>LDAP SASL mechanism</label>
<default>LOGIN</default>
</entry>
<entry name="ldapuserbase" type="String">
<label>LDAP User container</label>
<whatsthis>This specifies where to store users' entries relative to the LDAP base DN.</whatsthis>
<default>ou=People</default>
</entry>
<entry name="ldapuserfilter" type="String">
<label>LDAP User filter</label>
<whatsthis>This specifies the filter used for user entries.</whatsthis>
</entry>
<entry name="ldapgroupbase" type="String">
<label>LDAP Group container</label>
<whatsthis>This specifies where to store groups' entries relative to the LDAP base DN.</whatsthis>
<default>ou=Group</default>
</entry>
<entry name="ldapgroupfilter" type="String">
<label>LDAP Group filter</label>
<whatsthis>This specifies the filter used for group entries.</whatsthis>
</entry>
<entry name="ldapuserrdn" type="Enum">
<label>LDAP User RDN prefix</label>
<whatsthis>This specifies what prefix will used for user entries.</whatsthis>
<choices>
<choice name="uid"/>
<choice name="uidNumber"/>
<choice name="cn"/>
</choices>
<default>uid</default>
</entry>
<entry name="ldapcnfullname" type="Bool">
<label>Store the user's full name in the cn attribute</label>
<whatsthis>Check this if the user's full name should be stored in the cn (Canonical Name) attribute.</whatsthis>
<default>true</default>
</entry>
<entry name="ldapgecos" type="Bool">
<label>Update the gecos field</label>
<whatsthis>Check this if the gecos attribute should be updated.</whatsthis>
<default>false</default>
</entry>
<entry name="ldapshadow" type="Bool">
<label>Manage LDAP shadowAccount objectclass</label>
<whatsthis>Check this if the shadowAccount object should be used in the users' entries. It allows to enforce password change/expiration policies.</whatsthis>
<default>true</default>
</entry>
<entry name="ldapstructural" type="Enum">
<label>LDAP Structural objectclass</label>
<whatsthis>This option allows to specify the structural objectclass used with users' entries. If you want to use these entries not just for authentication, but for an addressbook, too, then choose inetOrgPerson.</whatsthis>
<choices>
<choice name="account"/>
<choice name="inetOrgPerson"/>
</choices>
<default>account</default>
</entry>
<entry name="ldapgrouprdn" type="Enum">
<label>LDAP Group RDN prefix</label>
<whatsthis>This specifies what prefix will used for group entries.</whatsthis>
<choices>
<choice name="cn"/>
<choice name="gidNumber"/>
</choices>
<default>cn</default>
</entry>
<entry name="ldappasswordhash" type="Enum">
<label>LDAP Password hash method</label>
<whatsthis>This specifies the password hashing method. The most secure is SSHA.</whatsthis>
<choices>
<choice name="Clear"/>
<choice name="CRYPT"/>
<choice name="MD5"/>
<choice name="SMD5"/>
<choice name="SHA"/>
<choice name="SSHA"/>
</choices>
<default>SSHA</default>
</entry>
<entry name="ldapsam" type="Bool">
<label>Enable samba account management</label>
<whatsthis>Check this if you want to use the user/group entries in a Samba domain. KUser will create sambaSamAccount objectclass for each entry which is usable with the ldapsam passdb backend with Samba version greater than 3.0.</whatsthis>
</entry>
<entry name="samdomain" type="String">
<label>Samba domain name</label>
<whatsthis>This specifies the samba domain name.</whatsthis>
</entry>
<entry name="samdomsid" type="String">
<label>Samba domain SID</label>
<whatsthis>This specifies the domain Security IDentifier. It is unique in a single domain. You can query the value of the domain SID with 'net getlocalsid domain_name'.</whatsthis>
</entry>
<entry name="samridbase" type="Int">
<label>Algorithmic RID base</label>
<whatsthis>This value is an offset for the algorithmic mapping from uids and gids to rids. The default (and minimum) value is 1000, it must be even, and the LDAP database and smb.conf must store the same values.</whatsthis>
<default>1000</default>
</entry>
<entry name="samloginscript" type="String">
<label>Samba login script</label>
<whatsthis>This specifies a name of a login script (in the `Netlogon` share) which will be executed as the user logs in to a Windows machine.</whatsthis>
</entry>
<entry name="samhomedrive" type="String">
<label>Samba home drive</label>
<whatsthis>Specifies a drive letter where the user's home directory will automatically mapped when he/she logs into a Windows machine.</whatsthis>
</entry>
<entry name="samprofilepath" type="String">
<label>Samba profile path template</label>
<whatsthis>This specifies the location of the roaming profile of the user. The '%U' macro will be replaced with the actual user name.</whatsthis>
</entry>
<entry name="samhomepath" type="String">
<label>Samba home path template</label>
<whatsthis>This specifies the location of the home directory of the user. This field is meaningful only for Windows machines. The '%U' macro will be replaced with the actual user name.</whatsthis>
</entry>
<entry name="lanmanhash" type="Bool">
<label>Store LanManager hashed password</label>
<whatsthis>Store the LanManager hashed password in the sambaLMPassword attribute. Check this if you have older clients (Win9x series and before) on your network.</whatsthis>
<default>false</default>
</entry>
</group>
</kcfg>
|