1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
8 CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
19 NAME="PDBEDIT">pdbedit</H1
27 >pdbedit -- manage the SAM database</DIV
29 CLASS="REFSYNOPSISDIV"
37 > [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-g] [-b passdb-backend] [-d debuglevel] [-s configfile] [-P account-policy] [-V value]</P
47 >This tool is part of the <A
53 >The pdbedit program is used to manage the users accounts
54 stored in the sam database and can only be run by root.</P
56 >The pdbedit tool uses the passdb modular interface and is
57 independent from the kind of users database used (currently there
58 are smbpasswd, ldap, nis+ and tdb based and more can be added
59 without changing the tool).</P
61 >There are five main ways to use pdbedit: adding a user account,
62 removing a user account, modifing a user account, listing user
63 accounts, importing users accounts.</P
81 >This option lists all the user accounts
82 present in the users database.
83 This option prints a list of user/uid pairs separated by
98 CLASS="PROGRAMLISTING"
99 > sorce:500:Simo Sorce
111 >This option enables the verbose listing format.
112 It causes pdbedit to list the users in the database, printing
113 out the account fields in a descriptive format.</P
127 CLASS="PROGRAMLISTING"
130 user ID/Group: 500/500
131 user RID/GRID: 2000/2001
132 Full Name: Simo Sorce
133 Home Directory: \\BERSERKER\sorce
135 Logon Script: \\BERSERKER\netlogon\sorce.bat
136 Profile Path: \\BERSERKER\profile
140 user RID/GRID: 1090/1091
142 Home Directory: \\BERSERKER\samba
145 Profile Path: \\BERSERKER\profile
156 >This option sets the "smbpasswd" listing format.
157 It will make pdbedit list the users in the database, printing
158 out the account fields in a format compatible with the
162 > file format. (see the <A
163 HREF="smbpasswd.5.html"
183 CLASS="PROGRAMLISTING"
184 > sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-00000000:
185 samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-3BFA1E8D:
196 >This option specifies the username to be
197 used for the operation requested (listing, adding, removing).
201 > in add, remove and modify
212 >This option can be used while adding or
213 modifing a user account. It will specify the user's full
225 >This option can be used while adding or
226 modifing a user account. It will specify the user's home
227 directory network path.</P
231 >-h "\\\\BERSERKER\\sorce"</B
239 >This option can be used while adding or
240 modifing a user account. It will specify the windows drive
241 letter to be used to map the home directory.</P
253 >This option can be used while adding or
254 modifing a user account. It will specify the user's logon
259 >-s "\\\\BERSERKER\\netlogon\\sorce.bat"</B
267 >This option can be used while adding or
268 modifing a user account. It will specify the user's profile
273 >-p "\\\\BERSERKER\\netlogon"</B
281 >This option is used to add a user into the
282 database. This command needs a user name specified with
283 the -u switch. When adding a new user, pdbedit will also
284 ask for the password to be used.</P
288 >pdbedit -a -u sorce</B
297 CLASS="PROGRAMLISTING"
299 retype new password</PRE
310 >This option may only be used in conjunction
316 > option. It will make
317 pdbedit to add a machine trust account instead of a user
318 account (-u username will provide the machine name).</P
322 >pdbedit -a -m -u w2k-wks</B
330 >This option causes pdbedit to delete an account
331 from the database. It needs a username specified with the
336 >pdbedit -x -u bob</B
340 >-i passdb-backend</DT
343 >Use a different passdb backend to retrieve users
344 than the one specified in smb.conf. Can be used to import data into
345 your local user database.</P
347 >This option will ease migration from one passdb backend to
352 >pdbedit -i smbpasswd:/etc/smbpasswd.old
357 >-e passdb-backend</DT
360 >Exports all currently available users to the
361 specified password database backend.</P
363 >This option will ease migration from one passdb backend to
364 another and will ease backing up.</P
368 >pdbedit -e smbpasswd:/root/samba-users.backup</B
384 >-i in-backend -e out-backend</I
387 applies to the group mapping instead of the user database.
390 >This option will ease migration from one passdb backend to
391 another and will ease backing up.</P
394 >-b passdb-backend</DT
397 >Use a different default passdb backend. </P
401 >pdbedit -b xml:/root/pdb-backup.xml -l</B
405 >-P account-policy</DT
408 >Display an account policy</P
410 >Valid policies are: minimum password age, reset count minutes, disconnect time,
411 user must logon to change password, password history, lockout duration, min password length,
412 maximum password age and bad lockout attempt.</P
416 >pdbedit -P "bad lockout attempt"</B
426 CLASS="PROGRAMLISTING"
427 > account policy value for bad lockout attempt is 0
435 >-V account-policy-value</DT
438 >Sets an account policy to a specified value.
439 This option may only be used in conjunction
450 >pdbedit -P "bad lockout attempt" -V 3</B
460 CLASS="PROGRAMLISTING"
461 > account policy value for bad lockout attempt was 0
462 account policy value for bad lockout attempt is now 3
470 >-d|--debug=debuglevel</DT
479 from 0 to 10. The default value if this parameter is
480 not specified is zero.</P
482 >The higher this value, the more detail will be
483 logged to the log files about the activities of the
484 server. At level 0, only critical errors and serious
485 warnings will be logged. Level 1 is a reasonable level for
486 day to day running - it generates a small amount of
487 information about operations carried out.</P
489 >Levels above 1 will generate considerable
490 amounts of log data, and should only be used when
491 investigating a problem. Levels above 3 are designed for
492 use only by developers and generate HUGE amounts of log
493 data, most of which is extremely cryptic.</P
495 >Note that specifying this parameter here will
497 HREF="smb.conf.5.html#loglevel"
501 > parameter in the <A
502 HREF="smb.conf.5.html"
514 >Print a summary of command line options.</P
517 >-s <configuration file></DT
520 >The file specified contains the
521 configuration details required by the server. The
522 information in this file includes server-specific
523 information such as what printcap file to use, as well
524 as descriptions of all the services that the server is
526 HREF="smb.conf.5.html"
532 > for more information.
533 The default configuration file name is determined at
547 >This command may be used only by root.</P
557 >This man page is correct for version 2.2 of
569 HREF="smbpasswd.8.html"
588 >The original Samba software and related utilities
589 were created by Andrew Tridgell. Samba is now developed
590 by the Samba Team as an Open Source project similar
591 to the way the Linux kernel is developed.</P
593 >The original Samba man pages were written by Karl Auer.
594 The man page sources were converted to YODL format (another
595 excellent piece of Open Source software, available at
597 HREF="ftp://ftp.icce.rug.nl/pub/unix/"
599 > ftp://ftp.icce.rug.nl/pub/unix/</A
600 >) and updated for the Samba 2.0
601 release by Jeremy Allison. The conversion to DocBook for
602 Samba 2.2 was done by Gerald Carter</P
git.samba.org / ira / wip.git / blob