1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
8 CONTENT="Modular DocBook HTML Stylesheet Version 1.77"></HEAD
28 >pdbedit -- manage the SAM database</DIV
30 CLASS="REFSYNOPSISDIV"
40 > [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-d debuglevel] [-s configfile] [-P account-policy] [-V value]</P
50 >This tool is part of the <A
56 >The pdbedit program is used to manage the users accounts
57 stored in the sam database and can only be run by root.</P
59 >The pdbedit tool uses the passdb modular interface and is
60 independent from the kind of users database used (currently there
61 are smbpasswd, ldap, nis+ and tdb based and more can be added
62 without changing the tool).</P
64 >There are five main ways to use pdbedit: adding a user account,
65 removing a user account, modifing a user account, listing user
66 accounts, importing users accounts.</P
84 >This option lists all the user accounts
85 present in the users database.
86 This option prints a list of user/uid pairs separated by
95 CLASS="PROGRAMLISTING"
96 > sorce:500:Simo Sorce
105 >This option enables the verbose listing format.
106 It causes pdbedit to list the users in the database, printing
107 out the account fields in a descriptive format.</P
115 CLASS="PROGRAMLISTING"
118 user ID/Group: 500/500
119 user RID/GRID: 2000/2001
120 Full Name: Simo Sorce
121 Home Directory: \\BERSERKER\sorce
123 Logon Script: \\BERSERKER\netlogon\sorce.bat
124 Profile Path: \\BERSERKER\profile
128 user RID/GRID: 1090/1091
130 Home Directory: \\BERSERKER\samba
133 Profile Path: \\BERSERKER\profile
141 >This option sets the "smbpasswd" listing format.
142 It will make pdbedit list the users in the database, printing
143 out the account fields in a format compatible with the
147 > file format. (see the <A
148 HREF="smbpasswd.5.html"
162 CLASS="PROGRAMLISTING"
163 > sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-00000000:
164 samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-3BFA1E8D:
172 >This option specifies the username to be
173 used for the operation requested (listing, adding, removing).
180 > in add, remove and modify
194 >This option can be used while adding or
195 modifing a user account. It will specify the user's full
207 >This option can be used while adding or
208 modifing a user account. It will specify the user's home
209 directory network path.</P
213 >-h "\\\\BERSERKER\\sorce"</B
221 >This option can be used while adding or
222 modifing a user account. It will specify the windows drive
223 letter to be used to map the home directory.</P
235 >This option can be used while adding or
236 modifing a user account. It will specify the user's logon
241 >-s "\\\\BERSERKER\\netlogon\\sorce.bat"</B
249 >This option can be used while adding or
250 modifing a user account. It will specify the user's profile
255 >-p "\\\\BERSERKER\\netlogon"</B
263 >This option is used to add a user into the
264 database. This command needs a user name specified with
265 the -u switch. When adding a new user, pdbedit will also
266 ask for the password to be used.</P
270 >pdbedit -a -u sorce</B
273 CLASS="PROGRAMLISTING"
275 retype new password</PRE
283 >This option may only be used in conjunction
289 > option. It will make
290 pdbedit to add a machine trust account instead of a user
291 account (-u username will provide the machine name).</P
295 >pdbedit -a -m -u w2k-wks</B
303 >This option causes pdbedit to delete an account
304 from the database. It needs a username specified with the
309 >pdbedit -x -u bob</B
313 >-i passdb-backend</DT
316 >Use a different passdb backend to retrieve users
317 than the one specified in smb.conf. Can be used to import data into
318 your local user database.</P
320 >This option will ease migration from one passdb backend to
325 >pdbedit -i smbpasswd:/etc/smbpasswd.old
330 >-e passdb-backend</DT
333 >Exports all currently available users to the
334 specified password database backend.</P
336 >This option will ease migration from one passdb backend to
337 another and will ease backing up.</P
341 >pdbedit -e smbpasswd:/root/samba-users.backup</B
345 >-b passdb-backend</DT
348 >Use a different default passdb backend. </P
352 >pdbedit -b xml:/root/pdb-backup.xml -l</B
356 >-P account-policy</DT
359 >Display an account policy</P
361 >Valid policies are: minimum password age, reset count minutes, disconnect time,
362 user must logon to change password, password history, lockout duration, min password length,
363 maximum password age and bad lockout attempt.
369 >pdbedit -P "bad lockout attempt"</B
373 CLASS="PROGRAMLISTING"
374 > account policy value for bad lockout attempt is 0
379 >-V account-policy-value</DT
382 >Sets an account policy to a specified value.
383 This option may only be used in conjunction
395 >pdbedit -P "bad lockout attempt" -V 3</B
399 CLASS="PROGRAMLISTING"
400 > account policy value for bad lockout attempt was 0
401 account policy value for bad lockout attempt is now 3
406 >-d|--debug=debuglevel</DT
415 from 0 to 10. The default value if this parameter is
416 not specified is zero.</P
418 >The higher this value, the more detail will be
419 logged to the log files about the activities of the
420 server. At level 0, only critical errors and serious
421 warnings will be logged. Level 1 is a reasonable level for
422 day to day running - it generates a small amount of
423 information about operations carried out.</P
425 >Levels above 1 will generate considerable
426 amounts of log data, and should only be used when
427 investigating a problem. Levels above 3 are designed for
428 use only by developers and generate HUGE amounts of log
429 data, most of which is extremely cryptic.</P
431 >Note that specifying this parameter here will
433 HREF="smb.conf.5.html#loglevel"
437 > parameter in the <A
438 HREF="smb.conf.5.html"
450 >Print a summary of command line options.</P
453 >-s <configuration file></DT
456 >The file specified contains the
457 configuration details required by the server. The
458 information in this file includes server-specific
459 information such as what printcap file to use, as well
460 as descriptions of all the services that the server is
462 HREF="smb.conf.5.html"
468 > for more information.
469 The default configuration file name is determined at
483 >This command may be used only by root.</P
493 >This man page is correct for version 2.2 of
505 HREF="smbpasswd.8.html"
524 >The original Samba software and related utilities
525 were created by Andrew Tridgell. Samba is now developed
526 by the Samba Team as an Open Source project similar
527 to the way the Linux kernel is developed.</P
529 >The original Samba man pages were written by Karl Auer.
530 The man page sources were converted to YODL format (another
531 excellent piece of Open Source software, available at
533 HREF="ftp://ftp.icce.rug.nl/pub/unix/"
535 > ftp://ftp.icce.rug.nl/pub/unix/</A
536 >) and updated for the Samba 2.0
537 release by Jeremy Allison. The conversion to DocBook for
538 Samba 2.2 was done by Gerald Carter</P