1 <samba:parameter xmlns:samba="http://samba.org/common">
2 <term><anchor id="UPDATEENCRYPTED"/>update encrypted (G)</term>
3 <listitem><para>This boolean parameter allows a user logging
4 on with a plaintext password to have their encrypted (hashed)
5 password in the smbpasswd file to be updated automatically as
6 they log on. This option allows a site to migrate from plaintext
7 password authentication (users authenticate with plaintext
8 password over the wire, and are checked against a UNIX account
9 database) to encrypted password authentication (the SMB
10 challenge/response authentication mechanism) without forcing
11 all users to re-enter their passwords via smbpasswd at the time the
12 change is made. This is a convenience option to allow the change over
13 to encrypted passwords to be made over a longer period. Once all users
14 have encrypted representations of their passwords in the smbpasswd
15 file this parameter should be set to <constant>no</constant>.</para>
17 <para>In order for this parameter to work correctly the <link linkend="ENCRYPTPASSWORDS"><parameter moreinfo="none">encrypt passwords</parameter>
18 </link> parameter must be set to <constant>no</constant> when
19 this parameter is set to <constant>yes</constant>.</para>
21 <para>Note that even when this parameter is set a user
22 authenticating to <command moreinfo="none">smbd</command> must still enter a valid
23 password in order to connect correctly, and to update their hashed
24 (smbpasswd) passwords.</para>
26 <para>Default: <command moreinfo="none">update encrypted = no</command></para>