mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
a72bc3e15d
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
58 lines
2.9 KiB
XML
58 lines
2.9 KiB
XML
<samba:parameter name="passwd chat"
|
|
context="G"
|
|
type="string"
|
|
substitution="1"
|
|
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
|
<description>
|
|
<para>This string controls the <emphasis>"chat"</emphasis>
|
|
conversation that takes places between <citerefentry><refentrytitle>smbd</refentrytitle>
|
|
<manvolnum>8</manvolnum></citerefentry> and the local password changing
|
|
program to change the user's password. The string describes a
|
|
sequence of response-receive pairs that <citerefentry><refentrytitle>smbd</refentrytitle>
|
|
<manvolnum>8</manvolnum></citerefentry> uses to determine what to send to the
|
|
<smbconfoption name="passwd program"/> and what to expect back. If the expected output is not
|
|
received then the password is not changed.</para>
|
|
|
|
<para>This chat sequence is often quite site specific, depending
|
|
on what local methods are used for password control.</para>
|
|
|
|
<para>Note that this parameter only is used if the <smbconfoption
|
|
name="unix password sync"/> parameter is set to <constant>yes</constant>. This sequence is
|
|
then called <emphasis>AS ROOT</emphasis> when the SMB password in the
|
|
smbpasswd file is being changed, without access to the old password
|
|
cleartext. This means that root must be able to reset the user's password without
|
|
knowing the text of the previous password.
|
|
</para>
|
|
|
|
<para>The string can contain the macro <parameter
|
|
moreinfo="none">%n</parameter> which is substituted
|
|
for the new password. The old password (<parameter
|
|
moreinfo="none">%o</parameter>) is only available when
|
|
<smbconfoption name="encrypt passwords"/> has been disabled.
|
|
The chat sequence can also contain the standard macros
|
|
\n, \r, \t and \s to give line-feed, carriage-return, tab
|
|
and space. The chat sequence string can also contain
|
|
a '*' which matches any sequence of characters. Double quotes can
|
|
be used to collect strings with spaces in them into a single
|
|
string.</para>
|
|
|
|
<para>If the send string in any part of the chat sequence is a full
|
|
stop ".", then no string is sent. Similarly, if the
|
|
expect string is a full stop then no string is expected.</para>
|
|
|
|
<para>If the <smbconfoption name="pam password change"/> parameter is set to <constant>yes</constant>, the
|
|
chat pairs may be matched in any order, and success is determined by the PAM result, not any particular
|
|
output. The \n macro is ignored for PAM conversions.
|
|
</para>
|
|
|
|
</description>
|
|
|
|
<related>unix password sync</related>
|
|
<related>passwd program</related>
|
|
<related>passwd chat debug</related>
|
|
<related>pam password change</related>
|
|
|
|
<value type="default">*new*password* %n\n *new*password* %n\n *changed*</value>
|
|
<value type="example">"*Enter NEW password*" %n\n "*Reenter NEW password*" %n\n "*Password changed*"</value>
|
|
</samba:parameter>
|