1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
samba-mirror/docs/htmldocs/pdbedit.8.html
Jelmer Vernooij 8d7c96a4e2 - Regenerate docs
- Fix db2latex (it depended on the $Id$ tags)
- Fix CUPS-Printing syntax
- Update instructions in docbook.txt
0001-01-01 00:00:00 +00:00

137 lines
12 KiB
HTML

<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>pdbedit</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.60.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="pdbedit.8"></a><div class="titlepage"><div></div><div></div></div><div class="refnamediv"><h2>Name</h2><p>pdbedit &#8212; manage the SAM database</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><tt class="command">pdbedit</tt> [-L] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-g] [-d debuglevel] [-s configfile] [-P account-policy] [-C value]</p></div></div><div class="refsect1" lang="en"><h2>DESCRIPTION</h2><p>This tool is part of the <a href="Samba.7.html"><span class="citerefentry"><span class="refentrytitle">Samba</span>(7)</span></a> suite.</p><p>The pdbedit program is used to manage the users accounts
stored in the sam database and can only be run by root.</p><p>The pdbedit tool uses the passdb modular interface and is
independent from the kind of users database used (currently there
are smbpasswd, ldap, nis+ and tdb based and more can be added
without changing the tool).</p><p>There are five main ways to use pdbedit: adding a user account,
removing a user account, modifing a user account, listing user
accounts, importing users accounts.</p></div><div class="refsect1" lang="en"><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">-L</span></dt><dd><p>This option lists all the user accounts
present in the users database.
This option prints a list of user/uid pairs separated by
the ':' character.</p><p>Example: <b class="command">pdbedit -L</b></p><pre class="screen">
sorce:500:Simo Sorce
samba:45:Test User
</pre></dd><dt><span class="term">-v</span></dt><dd><p>This option enables the verbose listing format.
It causes pdbedit to list the users in the database, printing
out the account fields in a descriptive format.</p><p>Example: <b class="command">pdbedit -l -v</b></p><pre class="screen">
---------------
username: sorce
user ID/Group: 500/500
user RID/GRID: 2000/2001
Full Name: Simo Sorce
Home Directory: \\BERSERKER\sorce
HomeDir Drive: H:
Logon Script: \\BERSERKER\netlogon\sorce.bat
Profile Path: \\BERSERKER\profile
---------------
username: samba
user ID/Group: 45/45
user RID/GRID: 1090/1091
Full Name: Test User
Home Directory: \\BERSERKER\samba
HomeDir Drive:
Logon Script:
Profile Path: \\BERSERKER\profile
</pre></dd><dt><span class="term">-w</span></dt><dd><p>This option sets the &quot;smbpasswd&quot; listing format.
It will make pdbedit list the users in the database, printing
out the account fields in a format compatible with the
<tt class="filename">smbpasswd</tt> file format. (see the
<a href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a> for details)</p><p>Example: <b class="command">pdbedit -L -w</b></p><pre class="screen">
sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-00000000:
samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-3BFA1E8D:
</pre></dd><dt><span class="term">-u username</span></dt><dd><p>This option specifies the username to be
used for the operation requested (listing, adding, removing).
It is <span class="emphasis"><em>required</em></span> in add, remove and modify
operations and <span class="emphasis"><em>optional</em></span> in list
operations.</p></dd><dt><span class="term">-f fullname</span></dt><dd><p>This option can be used while adding or
modifing a user account. It will specify the user's full
name. </p><p>Example: <b class="command">-f &quot;Simo Sorce&quot;</b></p></dd><dt><span class="term">-h homedir</span></dt><dd><p>This option can be used while adding or
modifing a user account. It will specify the user's home
directory network path.</p><p>Example: <b class="command">-h &quot;\\\\BERSERKER\\sorce&quot;</b>
</p></dd><dt><span class="term">-D drive</span></dt><dd><p>This option can be used while adding or
modifing a user account. It will specify the windows drive
letter to be used to map the home directory.</p><p>Example: <b class="command">-d &quot;H:&quot;</b>
</p></dd><dt><span class="term">-S script</span></dt><dd><p>This option can be used while adding or
modifing a user account. It will specify the user's logon
script path.</p><p>Example: <b class="command">-s &quot;\\\\BERSERKER\\netlogon\\sorce.bat&quot;</b>
</p></dd><dt><span class="term">-p profile</span></dt><dd><p>This option can be used while adding or
modifing a user account. It will specify the user's profile
directory.</p><p>Example: <b class="command">-p &quot;\\\\BERSERKER\\netlogon&quot;</b>
</p></dd><dt><span class="term">-G SID|rid</span></dt><dd><p>
This option can be used while adding or modifying a user account. It
will specify the users' new primary group SID (Security Identifier) or
rid. </p><p>Example: <b class="command">-G S-1-5-21-2447931902-1787058256-3961074038-1201</b></p></dd><dt><span class="term">-U SID|rid</span></dt><dd><p>
This option can be used while adding or modifying a user account. It
will specify the users' new SID (Security Identifier) or
rid. </p><p>Example: <b class="command">-U S-1-5-21-2447931902-1787058256-3961074038-5004</b></p></dd><dt><span class="term">-c account-control</span></dt><dd><p>This option can be used while adding or modifying a user
account. It will specify the users' account control property. Possible
flags that can be set are: N, D, H, L, X.
</p><p>Example: <b class="command">-c &quot;[X ]&quot;</b></p></dd><dt><span class="term">-a</span></dt><dd><p>This option is used to add a user into the
database. This command needs a user name specified with
the -u switch. When adding a new user, pdbedit will also
ask for the password to be used.</p><p>Example: <b class="command">pdbedit -a -u sorce</b>
</p><pre class="programlisting">new password:
retype new password
</pre><p>
</p></dd><dt><span class="term">-r</span></dt><dd><p>This option is used to modify an existing user
in the database. This command needs a user name specified with the -u
switch. Other options can be specified to modify the properties of
the specified user. This flag is kept for backwards compatibility, but
it is no longer necessary to specify it.
</p></dd><dt><span class="term">-m</span></dt><dd><p>This option may only be used in conjunction
with the <i class="parameter"><tt>-a</tt></i> option. It will make
pdbedit to add a machine trust account instead of a user
account (-u username will provide the machine name).</p><p>Example: <b class="command">pdbedit -a -m -u w2k-wks</b>
</p></dd><dt><span class="term">-x</span></dt><dd><p>This option causes pdbedit to delete an account
from the database. It needs a username specified with the
-u switch.</p><p>Example: <b class="command">pdbedit -x -u bob</b></p></dd><dt><span class="term">-i passdb-backend</span></dt><dd><p>Use a different passdb backend to retrieve users
than the one specified in smb.conf. Can be used to import data into
your local user database.</p><p>This option will ease migration from one passdb backend to
another.</p><p>Example: <b class="command">pdbedit -i smbpasswd:/etc/smbpasswd.old
</b></p></dd><dt><span class="term">-e passdb-backend</span></dt><dd><p>Exports all currently available users to the
specified password database backend.</p><p>This option will ease migration from one passdb backend to
another and will ease backing up.</p><p>Example: <b class="command">pdbedit -e smbpasswd:/root/samba-users.backup</b></p></dd><dt><span class="term">-g</span></dt><dd><p>If you specify <i class="parameter"><tt>-g</tt></i>,
then <i class="parameter"><tt>-i in-backend -e out-backend</tt></i>
applies to the group mapping instead of the user database.</p><p>This option will ease migration from one passdb backend to
another and will ease backing up.</p></dd><dt><span class="term">-b passdb-backend</span></dt><dd><p>Use a different default passdb backend. </p><p>Example: <b class="command">pdbedit -b xml:/root/pdb-backup.xml -l</b></p></dd><dt><span class="term">-P account-policy</span></dt><dd><p>Display an account policy</p><p>Valid policies are: minimum password age, reset count minutes, disconnect time,
user must logon to change password, password history, lockout duration, min password length,
maximum password age and bad lockout attempt.</p><p>Example: <b class="command">pdbedit -P &quot;bad lockout attempt&quot;</b></p><pre class="programlisting">
account policy value for bad lockout attempt is 0
</pre></dd><dt><span class="term">-C account-policy-value</span></dt><dd><p>Sets an account policy to a specified value.
This option may only be used in conjunction
with the <i class="parameter"><tt>-P</tt></i> option.
</p><p>Example: <b class="command">pdbedit -P &quot;bad lockout attempt&quot; -C 3</b></p><pre class="programlisting">
account policy value for bad lockout attempt was 0
account policy value for bad lockout attempt is now 3
</pre></dd><dt><span class="term">-h|--help</span></dt><dd><p>Print a summary of command line options.
</p></dd><dt><span class="term">-V</span></dt><dd><p>Prints the version number for
<b class="command">smbd</b>.</p></dd><dt><span class="term">-s &lt;configuration file&gt;</span></dt><dd><p>The file specified contains the
configuration details required by the server. The
information in this file includes server-specific
information such as what printcap file to use, as well
as descriptions of all the services that the server is
to provide. See <a href="smb.conf.5.html" target="_top"><tt class="filename">
smb.conf(5)</tt></a> for more information.
The default configuration file name is determined at
compile time.</p></dd><dt><span class="term">-d|--debug=debuglevel</span></dt><dd><p><i class="replaceable"><tt>debuglevel</tt></i> is an integer
from 0 to 10. The default value if this parameter is
not specified is zero.</p><p>The higher this value, the more detail will be
logged to the log files about the activities of the
server. At level 0, only critical errors and serious
warnings will be logged. Level 1 is a reasonable level for
day to day running - it generates a small amount of
information about operations carried out.</p><p>Levels above 1 will generate considerable
amounts of log data, and should only be used when
investigating a problem. Levels above 3 are designed for
use only by developers and generate HUGE amounts of log
data, most of which is extremely cryptic.</p><p>Note that specifying this parameter here will
override the <a href="smb.conf.5.html#loglevel" target="_top">log
level</a> parameter in the <a href="smb.conf.5.html" target="_top">
<tt class="filename">smb.conf(5)</tt></a> file.</p></dd><dt><span class="term">-l|--logfile=logbasename</span></dt><dd><p>File name for log/debug files. The extension
<tt class="constant">&quot;.client&quot;</tt> will be appended. The log file is
never removed by the client.
</p></dd></dl></div></div><div class="refsect1" lang="en"><h2>NOTES</h2><p>This command may be used only by root.</p></div><div class="refsect1" lang="en"><h2>VERSION</h2><p>This man page is correct for version 3.0 of
the Samba suite.</p></div><div class="refsect1" lang="en"><h2>SEE ALSO</h2><p><a href="smbpasswd.5.html"><span class="citerefentry"><span class="refentrytitle">smbpasswd</span>(5)</span></a>, <a href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a></p></div><div class="refsect1" lang="en"><h2>AUTHOR</h2><p>The original Samba software and related utilities
were created by Andrew Tridgell. Samba is now developed
by the Samba Team as an Open Source project similar
to the way the Linux kernel is developed.</p></div></div></body></html>