1 <!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.01//EN">
8 CONTENT=
"Modular DocBook HTML Stylesheet Version 1.76b+
19 NAME=
"PDBEDIT">pdbedit
</H1
27 >pdbedit
--
manage the SAM database
</DIV
29 CLASS=
"REFSYNOPSISDIV"
37 > [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-d debuglevel] [-s configfile] [-P account-policy] [-V value]
</P
47 >This tool is part of the
<A
53 >The pdbedit program is used to manage the users accounts
54 stored in the sam database and can only be run by root.
</P
56 >The pdbedit tool uses the passdb modular interface and is
57 independent from the kind of users database used (currently there
58 are smbpasswd, ldap, nis+ and tdb based and more can be added
59 without changing the tool).
</P
61 >There are five main ways to use pdbedit: adding a user account,
62 removing a user account, modifing a user account, listing user
63 accounts, importing users accounts.
</P
81 >This option lists all the user accounts
82 present in the users database.
83 This option prints a list of user/uid pairs separated by
98 CLASS=
"PROGRAMLISTING"
99 > sorce:
500:Simo Sorce
111 >This option enables the verbose listing format.
112 It causes pdbedit to list the users in the database, printing
113 out the account fields in a descriptive format.
</P
127 CLASS=
"PROGRAMLISTING"
130 user ID/Group:
500/
500
131 user RID/GRID:
2000/
2001
132 Full Name: Simo Sorce
133 Home Directory: \\BERSERKER\sorce
135 Logon Script: \\BERSERKER\netlogon\sorce.bat
136 Profile Path: \\BERSERKER\profile
140 user RID/GRID:
1090/
1091
142 Home Directory: \\BERSERKER\samba
145 Profile Path: \\BERSERKER\profile
156 >This option sets the
"smbpasswd" listing format.
157 It will make pdbedit list the users in the database, printing
158 out the account fields in a format compatible with the
162 > file format. (see the
<A
163 HREF=
"smbpasswd.5.html"
183 CLASS=
"PROGRAMLISTING"
184 > sorce:
500:
508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX ]:LCT-
00000000:
185 samba:
45:
0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX ]:LCT-
3BFA1E8D:
196 >This option specifies the username to be
197 used for the operation requested (listing, adding, removing).
201 > in add, remove and modify
212 >This option can be used while adding or
213 modifing a user account. It will specify the user's full
225 >This option can be used while adding or
226 modifing a user account. It will specify the user's home
227 directory network path.
</P
231 >-h
"\\\\BERSERKER\\sorce"</B
239 >This option can be used while adding or
240 modifing a user account. It will specify the windows drive
241 letter to be used to map the home directory.
</P
253 >This option can be used while adding or
254 modifing a user account. It will specify the user's logon
259 >-s
"\\\\BERSERKER\\netlogon\\sorce.bat"</B
267 >This option can be used while adding or
268 modifing a user account. It will specify the user's profile
273 >-p
"\\\\BERSERKER\\netlogon"</B
281 >This option is used to add a user into the
282 database. This command needs a user name specified with
283 the -u switch. When adding a new user, pdbedit will also
284 ask for the password to be used.
</P
288 >pdbedit -a -u sorce
</B
297 CLASS=
"PROGRAMLISTING"
299 retype new password
</PRE
310 >This option may only be used in conjunction
316 > option. It will make
317 pdbedit to add a machine trust account instead of a user
318 account (-u username will provide the machine name).
</P
322 >pdbedit -a -m -u w2k-wks
</B
330 >This option causes pdbedit to delete an account
331 from the database. It needs a username specified with the
336 >pdbedit -x -u bob
</B
340 >-i passdb-backend
</DT
343 >Use a different passdb backend to retrieve users
344 than the one specified in smb.conf. Can be used to import data into
345 your local user database.
</P
347 >This option will ease migration from one passdb backend to
352 >pdbedit -i smbpasswd:/etc/smbpasswd.old
357 >-e passdb-backend
</DT
360 >Exports all currently available users to the
361 specified password database backend.
</P
363 >This option will ease migration from one passdb backend to
364 another and will ease backing up.
</P
368 >pdbedit -e smbpasswd:/root/samba-users.backup
</B
372 >-b passdb-backend
</DT
375 >Use a different default passdb backend.
</P
379 >pdbedit -b xml:/root/pdb-backup.xml -l
</B
383 >-P account-policy
</DT
386 >Display an account policy
</P
388 >Valid policies are: minimum password age, reset count minutes, disconnect time,
389 user must logon to change password, password history, lockout duration, min password length,
390 maximum password age and bad lockout attempt.
</P
394 >pdbedit -P
"bad lockout attempt"</B
404 CLASS=
"PROGRAMLISTING"
405 > account policy value for bad lockout attempt is
0
413 >-V account-policy-value
</DT
416 >Sets an account policy to a specified value.
417 This option may only be used in conjunction
428 >pdbedit -P
"bad lockout attempt" -V
3</B
438 CLASS=
"PROGRAMLISTING"
439 > account policy value for bad lockout attempt was
0
440 account policy value for bad lockout attempt is now
3
448 >-d|--debug=debuglevel
</DT
457 from
0 to
10. The default value if this parameter is
458 not specified is zero.
</P
460 >The higher this value, the more detail will be
461 logged to the log files about the activities of the
462 server. At level
0, only critical errors and serious
463 warnings will be logged. Level
1 is a reasonable level for
464 day to day running - it generates a small amount of
465 information about operations carried out.
</P
467 >Levels above
1 will generate considerable
468 amounts of log data, and should only be used when
469 investigating a problem. Levels above
3 are designed for
470 use only by developers and generate HUGE amounts of log
471 data, most of which is extremely cryptic.
</P
473 >Note that specifying this parameter here will
475 HREF=
"smb.conf.5.html#loglevel"
479 > parameter in the
<A
480 HREF=
"smb.conf.5.html"
492 >Print a summary of command line options.
</P
495 >-s
<configuration file
></DT
498 >The file specified contains the
499 configuration details required by the server. The
500 information in this file includes server-specific
501 information such as what printcap file to use, as well
502 as descriptions of all the services that the server is
504 HREF=
"smb.conf.5.html"
510 > for more information.
511 The default configuration file name is determined at
525 >This command may be used only by root.
</P
535 >This man page is correct for version
2.2 of
547 HREF=
"smbpasswd.8.html"
566 >The original Samba software and related utilities
567 were created by Andrew Tridgell. Samba is now developed
568 by the Samba Team as an Open Source project similar
569 to the way the Linux kernel is developed.
</P
571 >The original Samba man pages were written by Karl Auer.
572 The man page sources were converted to YODL format (another
573 excellent piece of Open Source software, available at
575 HREF=
"ftp://ftp.icce.rug.nl/pub/unix/"
577 > ftp://ftp.icce.rug.nl/pub/unix/
</A
578 >) and updated for the Samba
2.0
579 release by Jeremy Allison. The conversion to DocBook for
580 Samba
2.2 was done by Gerald Carter
</P