diff options
Diffstat (limited to 'docs/htmldocs/smbpasswd.8.html')
| -rw-r--r-- | docs/htmldocs/smbpasswd.8.html | 533 |
1 files changed, 249 insertions, 284 deletions
diff --git a/docs/htmldocs/smbpasswd.8.html b/docs/htmldocs/smbpasswd.8.html index 6bff986f751..dfcb71baed2 100644 --- a/docs/htmldocs/smbpasswd.8.html +++ b/docs/htmldocs/smbpasswd.8.html @@ -33,24 +33,15 @@ NAME="AEN8" ><H2 >Synopsis</H2 ><P ->When run by root:</P -><P ><B CLASS="COMMAND" >smbpasswd</B -> [options] [username] [password]</P -><P ->otherwise:</P -><P -><B -CLASS="COMMAND" ->smbpasswd</B -> [options] [password]</P +> [-a] [-x] [-d] [-e] [-D debuglevel] [-n] [-r <remote machine>] [-R <name resolve order>] [-m] [-j DOMAIN] [-U username[%password]] [-h] [-s] [-w pass] [username]</P ></DIV ><DIV CLASS="REFSECT1" ><A -NAME="AEN20" +NAME="AEN26" ></A ><H2 >DESCRIPTION</H2 @@ -119,7 +110,7 @@ CLASS="COMMAND" ><DIV CLASS="REFSECT1" ><A -NAME="AEN36" +NAME="AEN42" ></A ><H2 >OPTIONS</H2 @@ -129,166 +120,13 @@ NAME="AEN36" CLASS="VARIABLELIST" ><DL ><DT ->-L</DT -><DD -><P ->Run the smbpasswd command in local mode. This - allows a non-root user to specify the root-only options. This - is used mostly in test environments where a non-root user needs - to make changes to the local <TT -CLASS="FILENAME" ->smbpasswd</TT -> file. - The <TT -CLASS="FILENAME" ->smbpasswd</TT -> file must have read/write - permissions for the user running the command.</P -></DD -><DT ->-h</DT -><DD -><P ->This option prints the help string for - <B -CLASS="COMMAND" ->smbpasswd</B ->. </P -></DD -><DT ->-s</DT -><DD -><P ->This option causes smbpasswd to be silent (i.e. - not issue prompts) and to read its old and new passwords from - standard input, rather than from <TT -CLASS="FILENAME" ->/dev/tty</TT -> - (like the <B -CLASS="COMMAND" ->passwd(1)</B -> program does). This option - is to aid people writing scripts to drive smbpasswd</P -></DD -><DT ->-c smb.conf file</DT -><DD -><P ->This option specifies that the configuration - file specified should be used instead of the default value - specified at compile time. </P -></DD -><DT ->-D debuglevel</DT -><DD -><P -><TT -CLASS="REPLACEABLE" -><I ->debuglevel</I -></TT -> is an integer - from 0 to 10. The default value if this parameter is not specified - is zero. </P -><P ->The higher this value, the more detail will be logged to the - log files about the activities of smbpasswd. At level 0, only - critical errors and serious warnings will be logged. </P -><P ->Levels above 1 will generate considerable amounts of log - data, and should only be used when investigating a problem. Levels - above 3 are designed for use only by developers and generate - HUGE amounts of log data, most of which is extremely cryptic. - </P -></DD -><DT ->-r remote machine name</DT -><DD -><P ->This option allows a user to specify what machine - they wish to change their password on. Without this parameter - smbpasswd defaults to the local host. The <TT -CLASS="REPLACEABLE" -><I ->remote - machine name</I -></TT -> is the NetBIOS name of the SMB/CIFS - server to contact to attempt the password change. This name is - resolved into an IP address using the standard name resolution - mechanism in all programs of the Samba suite. See the <TT -CLASS="PARAMETER" -><I ->-R - name resolve order</I -></TT -> parameter for details on changing - this resolving mechanism. </P -><P ->The username whose password is changed is that of the - current UNIX logged on user. See the <TT -CLASS="PARAMETER" -><I ->-U username</I -></TT -> - parameter for details on changing the password for a different - username. </P -><P ->Note that if changing a Windows NT Domain password the - remote machine specified must be the Primary Domain Controller for - the domain (Backup Domain Controllers only have a read-only - copy of the user account database and will not allow the password - change).</P -><P -><EM ->Note</EM -> that Windows 95/98 do not have - a real password database so it is not possible to change passwords - specifying a Win95/98 machine as remote machine target. </P -></DD -><DT ->-U username[%pass]</DT -><DD -><P ->This option may only be used in conjunction - with the <TT -CLASS="PARAMETER" -><I ->-r</I -></TT -> option. When changing - a password on a remote machine it allows the user to specify - the user name on that machine whose password will be changed. It - is present to allow users who have different user names on - different systems to change these passwords. The optional - %pass may be used to specify to old password.</P -><P ->In particular, this parameter specifies the username - used to create the machine account when invoked with -j</P -></DD -><DT -><B -CLASS="COMMAND" ->NOTE:</B -></DT -><DD -><P -><B -CLASS="COMMAND" ->The following options are available only when the smbpasswd command is -run as root or in local mode.</B -></P -></DD -><DT >-a</DT ><DD ><P >This option specifies that the username following should be added to the local smbpasswd file, with the - new password typed. This - option is ignored if the username specified already exists in + new password typed (type <Enter> for the old password). This + option is ignored if the username following already exists in the smbpasswd file and it is treated like a regular change password command. Note that the user to be added must already exist in the system password file (usually <TT @@ -296,6 +134,20 @@ CLASS="FILENAME" >/etc/passwd</TT >) else the request to add the user will fail. </P +><P +>This option is only available when running smbpasswd + as root. </P +></DD +><DT +>-x</DT +><DD +><P +>This option specifies that the username + following should be deleted from the local smbpasswd file. + </P +><P +>This option is only available when running smbpasswd as + root.</P ></DD ><DT >-d</DT @@ -323,6 +175,9 @@ CLASS="COMMAND" </B > for details on the 'old' and new password file formats. </P +><P +>This option is only available when running smbpasswd as + root.</P ></DD ><DT >-e</DT @@ -353,14 +208,32 @@ CLASS="COMMAND" >smbpasswd (5)</B > for details on the 'old' and new password file formats. </P +><P +>This option is only available when running smbpasswd as root. + </P ></DD ><DT ->-m</DT +>-D debuglevel</DT ><DD ><P ->This option tells smbpasswd that the account - being changed is a MACHINE account. Currently this is used - when Samba is being used as an NT Primary Domain Controller.</P +><TT +CLASS="REPLACEABLE" +><I +>debuglevel</I +></TT +> is an integer + from 0 to 10. The default value if this parameter is not specified + is zero. </P +><P +>The higher this value, the more detail will be logged to the + log files about the activities of smbpasswd. At level 0, only + critical errors and serious warnings will be logged. </P +><P +>Levels above 1 will generate considerable amounts of log + data, and should only be used when investigating a problem. Levels + above 3 are designed for use only by developers and generate + HUGE amounts of log data, most of which is extremely cryptic. + </P ></DD ><DT >-n</DT @@ -384,54 +257,156 @@ CLASS="FILENAME" CLASS="COMMAND" >null passwords = yes</B ></P +><P +>This option is only available when running smbpasswd as + root.</P ></DD ><DT ->-w password</DT +>-r remote machine name</DT ><DD ><P ->This parameter is only available is Samba - has been configured to use the experimental - <B -CLASS="COMMAND" ->--with-ldapsam</B -> option. The <TT +>This option allows a user to specify what machine + they wish to change their password on. Without this parameter + smbpasswd defaults to the local host. The <TT +CLASS="REPLACEABLE" +><I +>remote + machine name</I +></TT +> is the NetBIOS name of the SMB/CIFS + server to contact to attempt the password change. This name is + resolved into an IP address using the standard name resolution + mechanism in all programs of the Samba suite. See the <TT CLASS="PARAMETER" ><I ->-w</I +>-R + name resolve order</I ></TT -> - switch is used to specify the password to be used with the - <A -HREF="smb.conf.5.html#LDAPADMINDN" +> parameter for details on changing + this resolving mechanism. </P +><P +>The username whose password is changed is that of the + current UNIX logged on user. See the <TT +CLASS="PARAMETER" +><I +>-U username</I +></TT +> + parameter for details on changing the password for a different + username. </P +><P +>Note that if changing a Windows NT Domain password the + remote machine specified must be the Primary Domain Controller for + the domain (Backup Domain Controllers only have a read-only + copy of the user account database and will not allow the password + change).</P +><P +><EM +>Note</EM +> that Windows 95/98 do not have + a real password database so it is not possible to change passwords + specifying a Win95/98 machine as remote machine target. </P +></DD +><DT +>-R name resolve order</DT +><DD +><P +>This option allows the user of smbpasswd to determine + what name resolution services to use when looking up the NetBIOS + name of the host being connected to. </P +><P +>The options are :"lmhosts", "host", "wins" and "bcast". They cause + names to be resolved as follows : </P +><P +></P +><UL +><LI +><P +><TT +CLASS="CONSTANT" +>lmhosts</TT +> : Lookup an IP + address in the Samba lmhosts file. If the line in lmhosts has + no name type attached to the NetBIOS name (see the <A +HREF="lmhosts.5.html" TARGET="_top" +>lmhosts(5)</A +> for details) then + any name type matches for lookup.</P +></LI +><LI +><P ><TT +CLASS="CONSTANT" +>host</TT +> : Do a standard host + name to IP address resolution, using the system <TT +CLASS="FILENAME" +>/etc/hosts + </TT +>, NIS, or DNS lookups. This method of name resolution + is operating system depended for instance on IRIX or Solaris this + may be controlled by the <TT +CLASS="FILENAME" +>/etc/nsswitch.conf</TT +> + file). Note that this method is only used if the NetBIOS name + type being queried is the 0x20 (server) name type, otherwise + it is ignored.</P +></LI +><LI +><P +><TT +CLASS="CONSTANT" +>wins</TT +> : Query a name with + the IP address listed in the <TT CLASS="PARAMETER" ><I ->ldap admin - dn</I +>wins server</I ></TT -></A ->. Note that the password is stored in - the <TT -CLASS="FILENAME" ->private/secrets.tdb</TT -> and is keyed off - of the admin's DN. This means that if the value of <TT +> + parameter. If no WINS server has been specified this method + will be ignored.</P +></LI +><LI +><P +><TT +CLASS="CONSTANT" +>bcast</TT +> : Do a broadcast on + each of the known local interfaces listed in the + <TT CLASS="PARAMETER" ><I ->ldap - admin dn</I +>interfaces</I ></TT -> ever changes, the password will beed to be - manually updated as well. - </P +> parameter. This is the least + reliable of the name resolution methods as it depends on the + target host being on a locally connected subnet.</P +></LI +></UL +><P +>The default order is <B +CLASS="COMMAND" +>lmhosts, host, wins, bcast</B +> + and without this parameter or any entry in the + <TT +CLASS="FILENAME" +>smb.conf</TT +> file the name resolution methods will + be attempted in this order. </P ></DD ><DT ->-x</DT +>-m</DT ><DD ><P ->This option specifies that the username - following should be deleted from the local smbpasswd file. +>This option tells smbpasswd that the account + being changed is a MACHINE account. Currently this is used + when Samba is being used as an NT Primary Domain Controller.</P +><P +>This option is only available when running smbpasswd as root. </P ></DD ><DT @@ -505,97 +480,95 @@ CLASS="COMMAND" >winbindd(8)</B > daemon can be used to create UNIX accounts for NT users.</P +><P +>This option is only available when running smbpasswd as root. + </P ></DD ><DT ->-R name resolve order</DT +>-U username</DT ><DD ><P ->This option allows the user of smbpasswd to determine - what name resolution services to use when looking up the NetBIOS - name of the host being connected to. </P -><P ->The options are :"lmhosts", "host", "wins" and "bcast". They cause - names to be resolved as follows : </P +>This option may only be used in conjunction + with the <TT +CLASS="PARAMETER" +><I +>-r</I +></TT +> option. When changing + a password on a remote machine it allows the user to specify + the user name on that machine whose password will be changed. It + is present to allow users who have different user names on + different systems to change these passwords. </P ><P -></P -><UL -><LI +>In particular, this parameter specifies the username + used to create the machine account when invoked with -j</P +></DD +><DT +>-h</DT +><DD ><P -><TT -CLASS="CONSTANT" ->lmhosts</TT -> : Lookup an IP - address in the Samba lmhosts file. If the line in lmhosts has - no name type attached to the NetBIOS name (see the <A -HREF="lmhosts.5.html" -TARGET="_top" ->lmhosts(5)</A -> for details) then - any name type matches for lookup.</P -></LI -><LI +>This option prints the help string for <B +CLASS="COMMAND" +> smbpasswd</B +>, selecting the correct one for running as root + or as an ordinary user. </P +></DD +><DT +>-s</DT +><DD ><P -><TT -CLASS="CONSTANT" ->host</TT -> : Do a standard host - name to IP address resolution, using the system <TT -CLASS="FILENAME" ->/etc/hosts - </TT ->, NIS, or DNS lookups. This method of name resolution - is operating system dependent. For instance, on IRIX or Solaris this - may be controlled by the <TT +>This option causes smbpasswd to be silent (i.e. + not issue prompts) and to read its old and new passwords from + standard input, rather than from <TT CLASS="FILENAME" ->/etc/nsswitch.conf</TT +>/dev/tty</TT > - file). Note that this method is only used if the NetBIOS name - type being queried is the 0x20 (server) name type, otherwise - it is ignored.</P -></LI -><LI + (like the <B +CLASS="COMMAND" +>passwd(1)</B +> program does). This option + is to aid people writing scripts to drive smbpasswd</P +></DD +><DT +>-w password</DT +><DD ><P -><TT -CLASS="CONSTANT" ->wins</TT -> : Query a name with - the IP address listed in the <TT +>This parameter is only available is Samba + has been configured to use the experimental + <B +CLASS="COMMAND" +>--with-ldapsam</B +> option. The <TT CLASS="PARAMETER" ><I ->wins server</I +>-w</I ></TT > - parameter. If no WINS server has been specified this method - will be ignored.</P -></LI -><LI -><P + switch is used to specify the password to be used with the + <A +HREF="smb.conf.5.html#LDAPADMINDN" +TARGET="_top" ><TT -CLASS="CONSTANT" ->bcast</TT -> : Do a broadcast on - each of the known local interfaces listed in the - <TT CLASS="PARAMETER" ><I ->interfaces</I +>ldap admin + dn</I ></TT -> parameter. This is the least - reliable of the name resolution methods as it depends on the - target host being on a locally connected subnet.</P -></LI -></UL -><P ->The default order is <B -CLASS="COMMAND" ->lmhosts, host, wins, bcast</B -> - and without this parameter or any entry in the - <TT +></A +>. Note that the password is stored in + the <TT CLASS="FILENAME" ->smb.conf</TT -> file the name resolution methods will - be attempted in this order. </P +>private/secrets.tdb</TT +> and is keyed off + of the admin's DN. This means that if the value of <TT +CLASS="PARAMETER" +><I +>ldap + admin dn</I +></TT +> ever changes, the password will beed to be + manually updated as well. + </P ></DD ><DT >username</DT @@ -609,21 +582,13 @@ CLASS="FILENAME" to modify attributes directly in the local smbpasswd file. </P ></DD -><DT ->password</DT -><DD -><P ->This specifies the new password. If this parameter - is specified you will not be prompted for the new password. - </P -></DD ></DL ></DIV ></DIV ><DIV CLASS="REFSECT1" ><A -NAME="AEN195" +NAME="AEN188" ></A ><H2 >NOTES</H2 @@ -666,7 +631,7 @@ CLASS="FILENAME" ><DIV CLASS="REFSECT1" ><A -NAME="AEN205" +NAME="AEN198" ></A ><H2 >VERSION</H2 @@ -677,7 +642,7 @@ NAME="AEN205" ><DIV CLASS="REFSECT1" ><A -NAME="AEN208" +NAME="AEN201" ></A ><H2 >SEE ALSO</H2 @@ -700,7 +665,7 @@ TARGET="_top" ><DIV CLASS="REFSECT1" ><A -NAME="AEN214" +NAME="AEN207" ></A ><H2 >AUTHOR</H2 |