mirror of
https://github.com/samba-team/samba.git
synced 2024-12-28 07:21:54 +03:00
314 lines
8.5 KiB
Groff
314 lines
8.5 KiB
Groff
.\"Generated by db2man.xsl. Don't modify this, modify the source.
|
|
.de Sh \" Subsection
|
|
.br
|
|
.if t .Sp
|
|
.ne 5
|
|
.PP
|
|
\fB\\$1\fR
|
|
.PP
|
|
..
|
|
.de Sp \" Vertical space (when we can't use .PP)
|
|
.if t .sp .5v
|
|
.if n .sp
|
|
..
|
|
.de Ip \" List item
|
|
.br
|
|
.ie \\n(.$>=3 .ne \\$3
|
|
.el .ne 3
|
|
.IP "\\$1" \\$2
|
|
..
|
|
.TH "PDBEDIT" 8 "" "" ""
|
|
.SH NAME
|
|
pdbedit \- manage the SAM database
|
|
.SH "SYNOPSIS"
|
|
|
|
.nf
|
|
\fBpdbedit\fR [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S
|
|
script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend]
|
|
[-g] [-b passdb-backend] [-g] [-d debuglevel] [-s configfile] [-P account-policy]
|
|
[-C value]
|
|
.fi
|
|
|
|
.SH "DESCRIPTION"
|
|
|
|
.PP
|
|
This tool is part of the \fBSamba\fR(7) suite\&.
|
|
|
|
.PP
|
|
The pdbedit program is used to manage the users accounts stored in the sam database and can only be run by root\&.
|
|
|
|
.PP
|
|
The pdbedit tool uses the passdb modular interface and is independent from the kind of users database used (currently there are smbpasswd, ldap, nis+ and tdb based and more can be added without changing the tool)\&.
|
|
|
|
.PP
|
|
There are five main ways to use pdbedit: adding a user account, removing a user account, modifing a user account, listing user accounts, importing users accounts\&.
|
|
|
|
.SH "OPTIONS"
|
|
|
|
.TP
|
|
-l
|
|
This option lists all the user accounts present in the users database\&. This option prints a list of user/uid pairs separated by the ':' character\&.
|
|
|
|
|
|
Example: \fBpdbedit -l\fR
|
|
|
|
|
|
.nf
|
|
|
|
sorce:500:Simo Sorce
|
|
samba:45:Test User
|
|
.fi
|
|
|
|
|
|
.TP
|
|
-v
|
|
This option enables the verbose listing format\&. It causes pdbedit to list the users in the database, printing out the account fields in a descriptive format\&.
|
|
|
|
|
|
Example: \fBpdbedit -l -v\fR
|
|
|
|
|
|
.nf
|
|
|
|
---------------
|
|
username: sorce
|
|
user ID/Group: 500/500
|
|
user RID/GRID: 2000/2001
|
|
Full Name: Simo Sorce
|
|
Home Directory: \\\\BERSERKER\\sorce
|
|
HomeDir Drive: H:
|
|
Logon Script: \\\\BERSERKER\\netlogon\\sorce\&.bat
|
|
Profile Path: \\\\BERSERKER\\profile
|
|
---------------
|
|
username: samba
|
|
user ID/Group: 45/45
|
|
user RID/GRID: 1090/1091
|
|
Full Name: Test User
|
|
Home Directory: \\\\BERSERKER\\samba
|
|
HomeDir Drive:
|
|
Logon Script:
|
|
Profile Path: \\\\BERSERKER\\profile
|
|
.fi
|
|
|
|
|
|
.TP
|
|
-w
|
|
This option sets the "smbpasswd" listing format\&. It will make pdbedit list the users in the database, printing out the account fields in a format compatible with the \fIsmbpasswd\fR file format\&. (see the \fBsmbpasswd\fR(5) for details)
|
|
|
|
|
|
Example: \fBpdbedit -l -w\fR
|
|
|
|
|
|
sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-00000000:
|
|
samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-3BFA1E8D:
|
|
|
|
.TP
|
|
-u username
|
|
This option specifies the username to be used for the operation requested (listing, adding, removing)\&. It is \fBrequired\fR in add, remove and modify operations and \fBoptional\fR in list operations\&.
|
|
|
|
|
|
.TP
|
|
-f fullname
|
|
This option can be used while adding or modifing a user account\&. It will specify the user's full name\&.
|
|
|
|
|
|
Example: \fB-f "Simo Sorce"\fR
|
|
|
|
|
|
.TP
|
|
-h homedir
|
|
This option can be used while adding or modifing a user account\&. It will specify the user's home directory network path\&.
|
|
|
|
|
|
Example: \fB-h "\\\\BERSERKER\\sorce"\fR
|
|
|
|
|
|
.TP
|
|
-D drive
|
|
This option can be used while adding or modifing a user account\&. It will specify the windows drive letter to be used to map the home directory\&.
|
|
|
|
|
|
Example: \fB-d "H:"\fR
|
|
|
|
|
|
.TP
|
|
-S script
|
|
This option can be used while adding or modifing a user account\&. It will specify the user's logon script path\&.
|
|
|
|
|
|
Example: \fB-s "\\\\BERSERKER\\netlogon\\sorce.bat"\fR
|
|
|
|
|
|
.TP
|
|
-p profile
|
|
This option can be used while adding or modifing a user account\&. It will specify the user's profile directory\&.
|
|
|
|
|
|
Example: \fB-p "\\\\BERSERKER\\netlogon"\fR
|
|
|
|
|
|
.TP
|
|
-a
|
|
This option is used to add a user into the database\&. This command needs a user name specified with the -u switch\&. When adding a new user, pdbedit will also ask for the password to be used\&.
|
|
|
|
|
|
Example: \fBpdbedit -a -u sorce\fR
|
|
.nf
|
|
new password:
|
|
retype new password
|
|
.fi
|
|
|
|
|
|
|
|
.TP
|
|
-m
|
|
This option may only be used in conjunction with the \fI-a\fR option\&. It will make pdbedit to add a machine trust account instead of a user account (-u username will provide the machine name)\&.
|
|
|
|
|
|
Example: \fBpdbedit -a -m -u w2k-wks\fR
|
|
|
|
|
|
.TP
|
|
-x
|
|
This option causes pdbedit to delete an account from the database\&. It needs a username specified with the -u switch\&.
|
|
|
|
|
|
Example: \fBpdbedit -x -u bob\fR
|
|
|
|
|
|
.TP
|
|
-i passdb-backend
|
|
Use a different passdb backend to retrieve users than the one specified in smb\&.conf\&. Can be used to import data into your local user database\&.
|
|
|
|
|
|
This option will ease migration from one passdb backend to another\&.
|
|
|
|
|
|
Example: \fBpdbedit -i smbpasswd:/etc/smbpasswd.old \fR
|
|
|
|
|
|
.TP
|
|
-e passdb-backend
|
|
Exports all currently available users to the specified password database backend\&.
|
|
|
|
|
|
This option will ease migration from one passdb backend to another and will ease backing up\&.
|
|
|
|
|
|
Example: \fBpdbedit -e smbpasswd:/root/samba-users.backup\fR
|
|
|
|
|
|
.TP
|
|
-g
|
|
If you specify \fI-g\fR, then \fI-i in-backend -e out-backend\fR applies to the group mapping instead of the user database\&.
|
|
|
|
|
|
This option will ease migration from one passdb backend to another and will ease backing up\&.
|
|
|
|
|
|
.TP
|
|
-g
|
|
If you specify \fI-g\fR, then \fI-i in-backend -e out-backend\fR applies to the group mapping instead of the user database\&.
|
|
|
|
|
|
This option will ease migration from one passdb backend to another and will ease backing up\&.
|
|
|
|
|
|
.TP
|
|
-b passdb-backend
|
|
Use a different default passdb backend\&.
|
|
|
|
|
|
Example: \fBpdbedit -b xml:/root/pdb-backup.xml -l\fR
|
|
|
|
|
|
.TP
|
|
-P account-policy
|
|
Display an account policy
|
|
|
|
|
|
Valid policies are: minimum password age, reset count minutes, disconnect time, user must logon to change password, password history, lockout duration, min password length, maximum password age and bad lockout attempt\&.
|
|
|
|
|
|
Example: \fBpdbedit -P "bad lockout attempt"\fR
|
|
|
|
|
|
.nf
|
|
|
|
account policy value for bad lockout attempt is 0
|
|
.fi
|
|
|
|
|
|
.TP
|
|
-C account-policy-value
|
|
Sets an account policy to a specified value\&. This option may only be used in conjunction with the \fI-P\fR option\&.
|
|
|
|
|
|
Example: \fBpdbedit -P "bad lockout attempt" -C 3\fR
|
|
|
|
|
|
.nf
|
|
|
|
account policy value for bad lockout attempt was 0
|
|
account policy value for bad lockout attempt is now 3
|
|
.fi
|
|
|
|
|
|
.TP
|
|
-h|--help
|
|
Print a summary of command line options\&.
|
|
|
|
|
|
.TP
|
|
-V
|
|
Prints the version number for \fBsmbd\fR\&.
|
|
|
|
|
|
.TP
|
|
-s <configuration file>
|
|
The file specified contains the configuration details required by the server\&. The information in this file includes server-specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide\&. See \fI smb\&.conf(5)\fR for more information\&. The default configuration file name is determined at compile time\&.
|
|
|
|
|
|
.TP
|
|
-d|--debug=debuglevel
|
|
\fIdebuglevel\fR is an integer from 0 to 10\&. The default value if this parameter is not specified is zero\&.
|
|
|
|
|
|
The higher this value, the more detail will be logged to the log files about the activities of the server\&. At level 0, only critical errors and serious warnings will be logged\&. Level 1 is a reasonable level for day to day running - it generates a small amount of information about operations carried out\&.
|
|
|
|
|
|
Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem\&. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic\&.
|
|
|
|
|
|
Note that specifying this parameter here will override the log level parameter in the \fIsmb\&.conf(5)\fR file\&.
|
|
|
|
|
|
.TP
|
|
-l|--logfile=logbasename
|
|
File name for log/debug files\&. The extension \fB"\&.client"\fR will be appended\&. The log file is never removed by the client\&.
|
|
|
|
|
|
.SH "NOTES"
|
|
|
|
.PP
|
|
This command may be used only by root\&.
|
|
|
|
.SH "VERSION"
|
|
|
|
.PP
|
|
This man page is correct for version 2\&.2 of the Samba suite\&.
|
|
|
|
.SH "SEE ALSO"
|
|
|
|
.PP
|
|
\fBsmbpasswd\fR(5), \fBsamba\fR(7)
|
|
|
|
.SH "AUTHOR"
|
|
|
|
.PP
|
|
The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.
|
|
|
|
.PP
|
|
The original Samba man pages were written by Karl Auer\&. The man page sources were converted to YODL format (another excellent piece of Open Source software, available at ftp://ftp\&.icce\&.rug\&.nl/pub/unix/) and updated for the Samba 2\&.0 release by Jeremy Allison\&. The conversion to DocBook for Samba 2\&.2 was done by Gerald Carter\&. The conversion to DocBook XML 4\&.2 for Samba 3\&.0 was done by Alexander Bokovoy\&.
|
|
|