<label>The source of the user and group database</label>
<whatsthis>This option allows you to select where the user/group data stored. Currently three storage backends are supported. <BR><B>Files</B> stores user/group data in traditional /etc/passwd and /etc/group flat files. <BR><B>LDAP</B> stores data in a directory server using the posixAccount and posixGroup object classes; this backend allows the management of Samba users/groups via the sambaSamAccount object class.<BR><B>System</B> provides a read-only access to all users and groups which your installation knows about.</whatsthis>
<choices>
<choice name="Files"/>
<choice name="LDAP"/>
<choice name="System"/>
</choices>
<default>Files</default>
</entry>
<entry name="shell" type="String">
<label>Shell</label>
<whatsthis>This option allows you to select the shell which will be the default for new users.</whatsthis>
</entry>
<entry name="homepath" type="String">
<label>Home path template</label>
<whatsthis>This option specifies the UNIX home path template for new users. The '%U' macro will replaced with the actual user name.</whatsthis>
<whatsthis>This options specifies the first user ID where searching for an available UID starts.</whatsthis>
<default code="true">KU_FIRSTUID</default>
</entry>
<entry name="firstGID" type="Int">
<label>First GID</label>
<whatsthis>This options specifies the first group ID where searching for an available GID starts.</whatsthis>
<default code="true">KU_FIRSTGID</default>
</entry>
<entry name="createHomeDir" type="Bool">
<label>Create home folder</label>
<whatsthis>If this option is checked then a home directory will created for the new user.</whatsthis>
<default>true</default>
</entry>
<entry name="copySkel" type="Bool">
<label>Copy skeleton to home folder</label>
<whatsthis>If this option is checked then the contents of the skeleton folder will copied to the new user's home directory</whatsthis>
<default>true</default>
</entry>
<entry name="userPrivateGroup" type="Bool">
<label>User private groups</label>
<whatsthis>If this option is enabled, new user creation will create a private group named as the user, and the primary group of the user will assigned to this private group.</whatsthis>
<whatsthis>Check this if the shadowAccount object should be used in the users' entries. It allows to enforce password change/expiration policies.</whatsthis>
<default>true</default>
</entry>
<entry name="ldapstructural" type="Enum">
<label>LDAP Structural objectclass</label>
<whatsthis>This option allows to specify the structural objectclass used with users' entries. If you want to use these entries not just for authentication, but for an addressbook, too, then choose inetOrgPerson.</whatsthis>
<choices>
<choice name="account"/>
<choice name="inetOrgPerson"/>
</choices>
<default>account</default>
</entry>
<entry name="ldapgrouprdn" type="Enum">
<label>LDAP Group RDN prefix</label>
<whatsthis>This specifies what prefix will used for group entries.</whatsthis>
<choices>
<choice name="cn"/>
<choice name="gidNumber"/>
</choices>
<default>cn</default>
</entry>
<entry name="ldappasswordhash" type="Enum">
<label>LDAP Password hash method</label>
<whatsthis>This specifies the password hashing method. The most secure is SSHA.</whatsthis>
<choices>
<choice name="Clear"/>
<choice name="CRYPT"/>
<choice name="MD5"/>
<choice name="SMD5"/>
<choice name="SHA"/>
<choice name="SSHA"/>
</choices>
<default>SSHA</default>
</entry>
<entry name="ldapsam" type="Bool">
<label>Enable samba account management</label>
<whatsthis>Check this if you want to use the user/group entries in a Samba domain. KUser will create sambaSamAccount objectclass for each entry which is usable with the ldapsam passdb backend with Samba version greater than 3.0.</whatsthis>
</entry>
<entry name="samdomain" type="String">
<label>Samba domain name</label>
<whatsthis>This specifies the samba domain name.</whatsthis>
</entry>
<entry name="samdomsid" type="String">
<label>Samba domain SID</label>
<whatsthis>This specifies the domain Security IDentifier. It is unique in a single domain. You can query the value of the domain SID with 'net getlocalsid domain_name'.</whatsthis>
</entry>
<entry name="samridbase" type="Int">
<label>Algorithmic RID base</label>
<whatsthis>This value is an offset for the algorithmic mapping from uids and gids to rids. The default (and minimum) value is 1000, it must be even, and the LDAP database and smb.conf must store the same values.</whatsthis>
<default>1000</default>
</entry>
<entry name="samloginscript" type="String">
<label>Samba login script</label>
<whatsthis>This specifies a name of a login script (in the `Netlogon` share) which will be executed as the user logs in to a Windows machine.</whatsthis>
</entry>
<entry name="samhomedrive" type="String">
<label>Samba home drive</label>
<whatsthis>Specifies a drive letter where the user's home directory will automatically mapped when he/she logs into a Windows machine.</whatsthis>
</entry>
<entry name="samprofilepath" type="String">
<label>Samba profile path template</label>
<whatsthis>This specifies the location of the roaming profile of the user. The '%U' macro will be replaced with the actual user name.</whatsthis>
</entry>
<entry name="samhomepath" type="String">
<label>Samba home path template</label>
<whatsthis>This specifies the location of the home directory of the user. This field is meaningful only for Windows machines. The '%U' macro will be replaced with the actual user name.</whatsthis>
</entry>
<entry name="lanmanhash" type="Bool">
<label>Store LanManager hashed password</label>
<whatsthis>Store the LanManager hashed password in the sambaLMPassword attribute. Check this if you have older clients (Win9x series and before) on your network.</whatsthis>
