diff options
| author | Jeremy Allison <jra@samba.org> | 2002-04-30 13:28:41 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2002-04-30 13:28:41 +0000 |
| commit | d04b55f2186fb8af998cf61c576771a5f72f4892 (patch) | |
| tree | 9ff8c3a7cf34cefc0ee9a550a3bb1236a9e77595 /docs/htmldocs/smbpasswd.8.html | |
| parent | 73267ca42d9eddabb71b31b4c5068ebbe7bc9f7c (diff) | |
| download | samba-d04b55f2186fb8af998cf61c576771a5f72f4892.tar.gz samba-d04b55f2186fb8af998cf61c576771a5f72f4892.tar.xz samba-d04b55f2186fb8af998cf61c576771a5f72f4892.zip | |
Start of merge to 2_2_RELEASE branch for release.
Jeremy.
Diffstat (limited to 'docs/htmldocs/smbpasswd.8.html')
| -rw-r--r-- | docs/htmldocs/smbpasswd.8.html | 533 |
1 files changed, 284 insertions, 249 deletions
diff --git a/docs/htmldocs/smbpasswd.8.html b/docs/htmldocs/smbpasswd.8.html index dfcb71baed2..6bff986f751 100644 --- a/docs/htmldocs/smbpasswd.8.html +++ b/docs/htmldocs/smbpasswd.8.html @@ -33,15 +33,24 @@ NAME="AEN8" ><H2 >Synopsis</H2 ><P +>When run by root:</P +><P ><B CLASS="COMMAND" >smbpasswd</B -> [-a] [-x] [-d] [-e] [-D debuglevel] [-n] [-r <remote machine>] [-R <name resolve order>] [-m] [-j DOMAIN] [-U username[%password]] [-h] [-s] [-w pass] [username]</P +> [options] [username] [password]</P +><P +>otherwise:</P +><P +><B +CLASS="COMMAND" +>smbpasswd</B +> [options] [password]</P ></DIV ><DIV CLASS="REFSECT1" ><A -NAME="AEN26" +NAME="AEN20" ></A ><H2 >DESCRIPTION</H2 @@ -110,7 +119,7 @@ CLASS="COMMAND" ><DIV CLASS="REFSECT1" ><A -NAME="AEN42" +NAME="AEN36" ></A ><H2 >OPTIONS</H2 @@ -120,13 +129,166 @@ NAME="AEN42" CLASS="VARIABLELIST" ><DL ><DT +>-L</DT +><DD +><P +>Run the smbpasswd command in local mode. This + allows a non-root user to specify the root-only options. This + is used mostly in test environments where a non-root user needs + to make changes to the local <TT +CLASS="FILENAME" +>smbpasswd</TT +> file. + The <TT +CLASS="FILENAME" +>smbpasswd</TT +> file must have read/write + permissions for the user running the command.</P +></DD +><DT +>-h</DT +><DD +><P +>This option prints the help string for + <B +CLASS="COMMAND" +>smbpasswd</B +>. </P +></DD +><DT +>-s</DT +><DD +><P +>This option causes smbpasswd to be silent (i.e. + not issue prompts) and to read its old and new passwords from + standard input, rather than from <TT +CLASS="FILENAME" +>/dev/tty</TT +> + (like the <B +CLASS="COMMAND" +>passwd(1)</B +> program does). This option + is to aid people writing scripts to drive smbpasswd</P +></DD +><DT +>-c smb.conf file</DT +><DD +><P +>This option specifies that the configuration + file specified should be used instead of the default value + specified at compile time. </P +></DD +><DT +>-D debuglevel</DT +><DD +><P +><TT +CLASS="REPLACEABLE" +><I +>debuglevel</I +></TT +> is an integer + from 0 to 10. The default value if this parameter is not specified + is zero. </P +><P +>The higher this value, the more detail will be logged to the + log files about the activities of smbpasswd. At level 0, only + critical errors and serious warnings will be logged. </P +><P +>Levels above 1 will generate considerable amounts of log + data, and should only be used when investigating a problem. Levels + above 3 are designed for use only by developers and generate + HUGE amounts of log data, most of which is extremely cryptic. + </P +></DD +><DT +>-r remote machine name</DT +><DD +><P +>This option allows a user to specify what machine + they wish to change their password on. Without this parameter + smbpasswd defaults to the local host. The <TT +CLASS="REPLACEABLE" +><I +>remote + machine name</I +></TT +> is the NetBIOS name of the SMB/CIFS + server to contact to attempt the password change. This name is + resolved into an IP address using the standard name resolution + mechanism in all programs of the Samba suite. See the <TT +CLASS="PARAMETER" +><I +>-R + name resolve order</I +></TT +> parameter for details on changing + this resolving mechanism. </P +><P +>The username whose password is changed is that of the + current UNIX logged on user. See the <TT +CLASS="PARAMETER" +><I +>-U username</I +></TT +> + parameter for details on changing the password for a different + username. </P +><P +>Note that if changing a Windows NT Domain password the + remote machine specified must be the Primary Domain Controller for + the domain (Backup Domain Controllers only have a read-only + copy of the user account database and will not allow the password + change).</P +><P +><EM +>Note</EM +> that Windows 95/98 do not have + a real password database so it is not possible to change passwords + specifying a Win95/98 machine as remote machine target. </P +></DD +><DT +>-U username[%pass]</DT +><DD +><P +>This option may only be used in conjunction + with the <TT +CLASS="PARAMETER" +><I +>-r</I +></TT +> option. When changing + a password on a remote machine it allows the user to specify + the user name on that machine whose password will be changed. It + is present to allow users who have different user names on + different systems to change these passwords. The optional + %pass may be used to specify to old password.</P +><P +>In particular, this parameter specifies the username + used to create the machine account when invoked with -j</P +></DD +><DT +><B +CLASS="COMMAND" +>NOTE:</B +></DT +><DD +><P +><B +CLASS="COMMAND" +>The following options are available only when the smbpasswd command is +run as root or in local mode.</B +></P +></DD +><DT >-a</DT ><DD ><P >This option specifies that the username following should be added to the local smbpasswd file, with the - new password typed (type <Enter> for the old password). This - option is ignored if the username following already exists in + new password typed. This + option is ignored if the username specified already exists in the smbpasswd file and it is treated like a regular change password command. Note that the user to be added must already exist in the system password file (usually <TT @@ -134,20 +296,6 @@ CLASS="FILENAME" >/etc/passwd</TT >) else the request to add the user will fail. </P -><P ->This option is only available when running smbpasswd - as root. </P -></DD -><DT ->-x</DT -><DD -><P ->This option specifies that the username - following should be deleted from the local smbpasswd file. - </P -><P ->This option is only available when running smbpasswd as - root.</P ></DD ><DT >-d</DT @@ -175,9 +323,6 @@ CLASS="COMMAND" </B > for details on the 'old' and new password file formats. </P -><P ->This option is only available when running smbpasswd as - root.</P ></DD ><DT >-e</DT @@ -208,32 +353,14 @@ CLASS="COMMAND" >smbpasswd (5)</B > for details on the 'old' and new password file formats. </P -><P ->This option is only available when running smbpasswd as root. - </P ></DD ><DT ->-D debuglevel</DT +>-m</DT ><DD ><P -><TT -CLASS="REPLACEABLE" -><I ->debuglevel</I -></TT -> is an integer - from 0 to 10. The default value if this parameter is not specified - is zero. </P -><P ->The higher this value, the more detail will be logged to the - log files about the activities of smbpasswd. At level 0, only - critical errors and serious warnings will be logged. </P -><P ->Levels above 1 will generate considerable amounts of log - data, and should only be used when investigating a problem. Levels - above 3 are designed for use only by developers and generate - HUGE amounts of log data, most of which is extremely cryptic. - </P +>This option tells smbpasswd that the account + being changed is a MACHINE account. Currently this is used + when Samba is being used as an NT Primary Domain Controller.</P ></DD ><DT >-n</DT @@ -257,156 +384,54 @@ CLASS="FILENAME" CLASS="COMMAND" >null passwords = yes</B ></P -><P ->This option is only available when running smbpasswd as - root.</P ></DD ><DT ->-r remote machine name</DT +>-w password</DT ><DD ><P ->This option allows a user to specify what machine - they wish to change their password on. Without this parameter - smbpasswd defaults to the local host. The <TT -CLASS="REPLACEABLE" -><I ->remote - machine name</I -></TT -> is the NetBIOS name of the SMB/CIFS - server to contact to attempt the password change. This name is - resolved into an IP address using the standard name resolution - mechanism in all programs of the Samba suite. See the <TT -CLASS="PARAMETER" -><I ->-R - name resolve order</I -></TT -> parameter for details on changing - this resolving mechanism. </P -><P ->The username whose password is changed is that of the - current UNIX logged on user. See the <TT +>This parameter is only available is Samba + has been configured to use the experimental + <B +CLASS="COMMAND" +>--with-ldapsam</B +> option. The <TT CLASS="PARAMETER" ><I ->-U username</I +>-w</I ></TT -> - parameter for details on changing the password for a different - username. </P -><P ->Note that if changing a Windows NT Domain password the - remote machine specified must be the Primary Domain Controller for - the domain (Backup Domain Controllers only have a read-only - copy of the user account database and will not allow the password - change).</P -><P -><EM ->Note</EM -> that Windows 95/98 do not have - a real password database so it is not possible to change passwords - specifying a Win95/98 machine as remote machine target. </P -></DD -><DT ->-R name resolve order</DT -><DD -><P ->This option allows the user of smbpasswd to determine - what name resolution services to use when looking up the NetBIOS - name of the host being connected to. </P -><P ->The options are :"lmhosts", "host", "wins" and "bcast". They cause - names to be resolved as follows : </P -><P -></P -><UL -><LI -><P -><TT -CLASS="CONSTANT" ->lmhosts</TT -> : Lookup an IP - address in the Samba lmhosts file. If the line in lmhosts has - no name type attached to the NetBIOS name (see the <A -HREF="lmhosts.5.html" -TARGET="_top" ->lmhosts(5)</A -> for details) then - any name type matches for lookup.</P -></LI -><LI -><P -><TT -CLASS="CONSTANT" ->host</TT -> : Do a standard host - name to IP address resolution, using the system <TT -CLASS="FILENAME" ->/etc/hosts - </TT ->, NIS, or DNS lookups. This method of name resolution - is operating system depended for instance on IRIX or Solaris this - may be controlled by the <TT -CLASS="FILENAME" ->/etc/nsswitch.conf</TT > - file). Note that this method is only used if the NetBIOS name - type being queried is the 0x20 (server) name type, otherwise - it is ignored.</P -></LI -><LI -><P + switch is used to specify the password to be used with the + <A +HREF="smb.conf.5.html#LDAPADMINDN" +TARGET="_top" ><TT -CLASS="CONSTANT" ->wins</TT -> : Query a name with - the IP address listed in the <TT CLASS="PARAMETER" ><I ->wins server</I +>ldap admin + dn</I ></TT -> - parameter. If no WINS server has been specified this method - will be ignored.</P -></LI -><LI -><P -><TT -CLASS="CONSTANT" ->bcast</TT -> : Do a broadcast on - each of the known local interfaces listed in the - <TT +></A +>. Note that the password is stored in + the <TT +CLASS="FILENAME" +>private/secrets.tdb</TT +> and is keyed off + of the admin's DN. This means that if the value of <TT CLASS="PARAMETER" ><I ->interfaces</I +>ldap + admin dn</I ></TT -> parameter. This is the least - reliable of the name resolution methods as it depends on the - target host being on a locally connected subnet.</P -></LI -></UL -><P ->The default order is <B -CLASS="COMMAND" ->lmhosts, host, wins, bcast</B -> - and without this parameter or any entry in the - <TT -CLASS="FILENAME" ->smb.conf</TT -> file the name resolution methods will - be attempted in this order. </P +> ever changes, the password will beed to be + manually updated as well. + </P ></DD ><DT ->-m</DT +>-x</DT ><DD ><P ->This option tells smbpasswd that the account - being changed is a MACHINE account. Currently this is used - when Samba is being used as an NT Primary Domain Controller.</P -><P ->This option is only available when running smbpasswd as root. +>This option specifies that the username + following should be deleted from the local smbpasswd file. </P ></DD ><DT @@ -480,95 +505,97 @@ CLASS="COMMAND" >winbindd(8)</B > daemon can be used to create UNIX accounts for NT users.</P -><P ->This option is only available when running smbpasswd as root. - </P ></DD ><DT ->-U username</DT +>-R name resolve order</DT ><DD ><P ->This option may only be used in conjunction - with the <TT -CLASS="PARAMETER" -><I ->-r</I -></TT -> option. When changing - a password on a remote machine it allows the user to specify - the user name on that machine whose password will be changed. It - is present to allow users who have different user names on - different systems to change these passwords. </P +>This option allows the user of smbpasswd to determine + what name resolution services to use when looking up the NetBIOS + name of the host being connected to. </P ><P ->In particular, this parameter specifies the username - used to create the machine account when invoked with -j</P -></DD -><DT ->-h</DT -><DD +>The options are :"lmhosts", "host", "wins" and "bcast". They cause + names to be resolved as follows : </P ><P ->This option prints the help string for <B -CLASS="COMMAND" -> smbpasswd</B ->, selecting the correct one for running as root - or as an ordinary user. </P -></DD -><DT ->-s</DT -><DD +></P +><UL +><LI ><P ->This option causes smbpasswd to be silent (i.e. - not issue prompts) and to read its old and new passwords from - standard input, rather than from <TT +><TT +CLASS="CONSTANT" +>lmhosts</TT +> : Lookup an IP + address in the Samba lmhosts file. If the line in lmhosts has + no name type attached to the NetBIOS name (see the <A +HREF="lmhosts.5.html" +TARGET="_top" +>lmhosts(5)</A +> for details) then + any name type matches for lookup.</P +></LI +><LI +><P +><TT +CLASS="CONSTANT" +>host</TT +> : Do a standard host + name to IP address resolution, using the system <TT CLASS="FILENAME" ->/dev/tty</TT +>/etc/hosts + </TT +>, NIS, or DNS lookups. This method of name resolution + is operating system dependent. For instance, on IRIX or Solaris this + may be controlled by the <TT +CLASS="FILENAME" +>/etc/nsswitch.conf</TT > - (like the <B -CLASS="COMMAND" ->passwd(1)</B -> program does). This option - is to aid people writing scripts to drive smbpasswd</P -></DD -><DT ->-w password</DT -><DD + file). Note that this method is only used if the NetBIOS name + type being queried is the 0x20 (server) name type, otherwise + it is ignored.</P +></LI +><LI ><P ->This parameter is only available is Samba - has been configured to use the experimental - <B -CLASS="COMMAND" ->--with-ldapsam</B -> option. The <TT +><TT +CLASS="CONSTANT" +>wins</TT +> : Query a name with + the IP address listed in the <TT CLASS="PARAMETER" ><I ->-w</I +>wins server</I ></TT > - switch is used to specify the password to be used with the - <A -HREF="smb.conf.5.html#LDAPADMINDN" -TARGET="_top" + parameter. If no WINS server has been specified this method + will be ignored.</P +></LI +><LI +><P ><TT +CLASS="CONSTANT" +>bcast</TT +> : Do a broadcast on + each of the known local interfaces listed in the + <TT CLASS="PARAMETER" ><I ->ldap admin - dn</I +>interfaces</I ></TT -></A ->. Note that the password is stored in - the <TT +> parameter. This is the least + reliable of the name resolution methods as it depends on the + target host being on a locally connected subnet.</P +></LI +></UL +><P +>The default order is <B +CLASS="COMMAND" +>lmhosts, host, wins, bcast</B +> + and without this parameter or any entry in the + <TT CLASS="FILENAME" ->private/secrets.tdb</TT -> and is keyed off - of the admin's DN. This means that if the value of <TT -CLASS="PARAMETER" -><I ->ldap - admin dn</I -></TT -> ever changes, the password will beed to be - manually updated as well. - </P +>smb.conf</TT +> file the name resolution methods will + be attempted in this order. </P ></DD ><DT >username</DT @@ -582,13 +609,21 @@ CLASS="PARAMETER" to modify attributes directly in the local smbpasswd file. </P ></DD +><DT +>password</DT +><DD +><P +>This specifies the new password. If this parameter + is specified you will not be prompted for the new password. + </P +></DD ></DL ></DIV ></DIV ><DIV CLASS="REFSECT1" ><A -NAME="AEN188" +NAME="AEN195" ></A ><H2 >NOTES</H2 @@ -631,7 +666,7 @@ CLASS="FILENAME" ><DIV CLASS="REFSECT1" ><A -NAME="AEN198" +NAME="AEN205" ></A ><H2 >VERSION</H2 @@ -642,7 +677,7 @@ NAME="AEN198" ><DIV CLASS="REFSECT1" ><A -NAME="AEN201" +NAME="AEN208" ></A ><H2 >SEE ALSO</H2 @@ -665,7 +700,7 @@ TARGET="_top" ><DIV CLASS="REFSECT1" ><A -NAME="AEN207" +NAME="AEN214" ></A ><H2 >AUTHOR</H2 |