set version string

[Samba.git] / docs / htmldocs / pdbedit.8.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<HTML
><HEAD
><TITLE
>pdbedit</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
"></HEAD
><BODY
CLASS="REFENTRY"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><H1
><A
NAME="PDBEDIT">pdbedit</H1
><DIV
CLASS="REFNAMEDIV"
><A
NAME="AEN5"
></A
><H2
>Name</H2
>pdbedit&nbsp;--&nbsp;manage the SAM database</DIV
><DIV
CLASS="REFSYNOPSISDIV"
><A
NAME="AEN8"><H2
>Synopsis</H2
><P
><B
CLASS="COMMAND"
>pdbedit</B
> [-l] [-v] [-w] [-u username] [-f fullname] [-h homedir] [-D drive] [-S script] [-p profile] [-a] [-m] [-x] [-i passdb-backend] [-e passdb-backend] [-b passdb-backend] [-d debuglevel] [-s configfile] [-P account-policy] [-V value]</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN30"
></A
><H2
>DESCRIPTION</H2
><P
>This tool is part of the <A
HREF="samba.7.html"
TARGET="_top"
>       Samba</A
> suite.</P
><P
>The pdbedit program is used to manage the users accounts
        stored in the sam database and can only be run by root.</P
><P
>The pdbedit tool uses the passdb modular interface and is
        independent from the kind of users database used (currently there
        are smbpasswd, ldap, nis+ and tdb based and more can be added
        without changing the tool).</P
><P
>There are five main ways to use pdbedit: adding a user account,
        removing a user account, modifing a user account, listing user
        accounts, importing users accounts.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN37"
></A
><H2
>OPTIONS</H2
><P
></P
><DIV
CLASS="VARIABLELIST"
><DL
><DT
>-l</DT
><DD
><P
>This option lists all the user accounts
                present in the users database.
                This option prints a list of user/uid pairs separated by
                the ':' character.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -l</B
></P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><PRE
CLASS="PROGRAMLISTING"
>               sorce:500:Simo Sorce
                samba:45:Test User
                </PRE
></TD
></TR
></TABLE
></P
></DD
><DT
>-v</DT
><DD
><P
>This option enables the verbose listing format.
                It causes pdbedit to list the users in the database, printing
                out the account fields in a descriptive format.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -l -v</B
></P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><PRE
CLASS="PROGRAMLISTING"
>               ---------------
                username:       sorce
                user ID/Group:  500/500
                user RID/GRID:  2000/2001
                Full Name:      Simo Sorce
                Home Directory: \\BERSERKER\sorce
                HomeDir Drive:  H:
                Logon Script:   \\BERSERKER\netlogon\sorce.bat
                Profile Path:   \\BERSERKER\profile
                ---------------
                username:       samba
                user ID/Group:  45/45
                user RID/GRID:  1090/1091
                Full Name:      Test User
                Home Directory: \\BERSERKER\samba
                HomeDir Drive:  
                Logon Script:   
                Profile Path:   \\BERSERKER\profile
                </PRE
></TD
></TR
></TABLE
></P
></DD
><DT
>-w</DT
><DD
><P
>This option sets the "smbpasswd" listing format.
                It will make pdbedit list the users in the database, printing
                out the account fields in a format compatible with the
                <TT
CLASS="FILENAME"
>smbpasswd</TT
> file format. (see the <A
HREF="smbpasswd.5.html"
TARGET="_top"
><TT
CLASS="FILENAME"
>smbpasswd(5)</TT
></A
> for details)</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -l -w</B
></P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><PRE
CLASS="PROGRAMLISTING"
>               sorce:500:508818B733CE64BEAAD3B435B51404EE:D2A2418EFC466A8A0F6B1DBB5C3DB80C:[UX         ]:LCT-00000000:
                samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:BC281CE3F53B6A5146629CD4751D3490:[UX         ]:LCT-3BFA1E8D:
                </PRE
></TD
></TR
></TABLE
></P
></DD
><DT
>-u username</DT
><DD
><P
>This option specifies the username to be
                used for the operation requested (listing, adding, removing).
                It is <I
CLASS="EMPHASIS"
>required</I
> in add, remove and modify
                operations and <I
CLASS="EMPHASIS"
>optional</I
> in list
                operations.</P
></DD
><DT
>-f fullname</DT
><DD
><P
>This option can be used while adding or
                modifing a user account. It will specify the user's full
                name. </P
><P
>Example: <B
CLASS="COMMAND"
>-f "Simo Sorce"</B
></P
></DD
><DT
>-h homedir</DT
><DD
><P
>This option can be used while adding or
                modifing a user account. It will specify the user's home
                directory network path.</P
><P
>Example: <B
CLASS="COMMAND"
>-h "\\\\BERSERKER\\sorce"</B
>
                </P
></DD
><DT
>-D drive</DT
><DD
><P
>This option can be used while adding or
                modifing a user account. It will specify the windows drive
                letter to be used to map the home directory.</P
><P
>Example: <B
CLASS="COMMAND"
>-d "H:"</B
>
                </P
></DD
><DT
>-S script</DT
><DD
><P
>This option can be used while adding or
                modifing a user account. It will specify the user's logon
                script path.</P
><P
>Example: <B
CLASS="COMMAND"
>-s "\\\\BERSERKER\\netlogon\\sorce.bat"</B
>
                </P
></DD
><DT
>-p profile</DT
><DD
><P
>This option can be used while adding or
                modifing a user account. It will specify the user's profile
                directory.</P
><P
>Example: <B
CLASS="COMMAND"
>-p "\\\\BERSERKER\\netlogon"</B
>
                </P
></DD
><DT
>-a</DT
><DD
><P
>This option is used to add a user into the
                database. This command needs a user name specified with
                the -u switch. When adding a new user, pdbedit will also
                ask for the password to be used.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -a -u sorce</B
>
                <TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><PRE
CLASS="PROGRAMLISTING"
>new password:
                retype new password</PRE
></TD
></TR
></TABLE
>
                </P
></DD
><DT
>-m</DT
><DD
><P
>This option may only be used in conjunction 
                with the <TT
CLASS="PARAMETER"
><I
>-a</I
></TT
> option. It will make
                pdbedit to add a machine trust account instead of a user
                account (-u username will provide the machine name).</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -a -m -u w2k-wks</B
>
                </P
></DD
><DT
>-x</DT
><DD
><P
>This option causes pdbedit to delete an account
                from the database. It needs a username specified with the
                -u switch.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -x -u bob</B
></P
></DD
><DT
>-i passdb-backend</DT
><DD
><P
>Use a different passdb backend to retrieve users
                than the one specified in smb.conf. Can be used to import data into
                your local user database.</P
><P
>This option will ease migration from one passdb backend to
                another.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -i smbpasswd:/etc/smbpasswd.old
                </B
></P
></DD
><DT
>-e passdb-backend</DT
><DD
><P
>Exports all currently available users to the
                specified password database backend.</P
><P
>This option will ease migration from one passdb backend to
                another and will ease backing up.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -e smbpasswd:/root/samba-users.backup</B
></P
></DD
><DT
>-b passdb-backend</DT
><DD
><P
>Use a different default passdb backend. </P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -b xml:/root/pdb-backup.xml -l</B
></P
></DD
><DT
>-P account-policy</DT
><DD
><P
>Display an account policy</P
><P
>Valid policies are: minimum password age, reset count minutes, disconnect time,
                user must logon to change password, password history, lockout duration, min password length,
                maximum password age and bad lockout attempt.</P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -P "bad lockout attempt"</B
></P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><PRE
CLASS="PROGRAMLISTING"
>               account policy value for bad lockout attempt is 0
                </PRE
></TD
></TR
></TABLE
></P
></DD
><DT
>-V account-policy-value</DT
><DD
><P
>Sets an account policy to a specified value. 
                This option may only be used in conjunction
                with the <TT
CLASS="PARAMETER"
><I
>-P</I
></TT
> option.
                </P
><P
>Example: <B
CLASS="COMMAND"
>pdbedit -P "bad lockout attempt" -V 3</B
></P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="90%"
><TR
><TD
><PRE
CLASS="PROGRAMLISTING"
>               account policy value for bad lockout attempt was 0
                account policy value for bad lockout attempt is now 3
                </PRE
></TD
></TR
></TABLE
></P
></DD
><DT
>-d|--debug=debuglevel</DT
><DD
><P
><TT
CLASS="REPLACEABLE"
><I
>debuglevel</I
></TT
> is an integer 
from 0 to 10.  The default value if this parameter is 
not specified is zero.</P
><P
>The higher this value, the more detail will be 
logged to the log files about the activities of the 
server. At level 0, only critical errors and serious 
warnings will be logged. Level 1 is a reasonable level for
day to day running - it generates a small amount of 
information about operations carried out.</P
><P
>Levels above 1 will generate considerable 
amounts of log data, and should only be used when 
investigating a problem. Levels above 3 are designed for 
use only by developers and generate HUGE amounts of log
data, most of which is extremely cryptic.</P
><P
>Note that specifying this parameter here will 
override the <A
HREF="smb.conf.5.html#loglevel"
TARGET="_top"
>log
level</A
> parameter in the <A
HREF="smb.conf.5.html"
TARGET="_top"
><TT
CLASS="FILENAME"
>smb.conf(5)</TT
></A
> file.</P
></DD
><DT
>-h|--help</DT
><DD
><P
>Print a summary of command line options.</P
></DD
><DT
>-s &#60;configuration file&#62;</DT
><DD
><P
>The file specified contains the 
configuration details required by the server.  The 
information in this file includes server-specific
information such as what printcap file to use, as well 
as descriptions of all the services that the server is 
to provide. See <A
HREF="smb.conf.5.html"
TARGET="_top"
><TT
CLASS="FILENAME"
>smb.conf(5)</TT
></A
> for more information.
The default configuration file name is determined at 
compile time.</P
></DD
></DL
></DIV
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN182"
></A
><H2
>NOTES</H2
><P
>This command may be used only by root.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN185"
></A
><H2
>VERSION</H2
><P
>This man page is correct for version 2.2 of 
        the Samba suite.</P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN188"
></A
><H2
>SEE ALSO</H2
><P
><A
HREF="smbpasswd.8.html"
TARGET="_top"
>smbpasswd(8)</A
>, 
        <A
HREF="samba.7.html"
TARGET="_top"
>samba(7)</A
>
        </P
></DIV
><DIV
CLASS="REFSECT1"
><A
NAME="AEN193"
></A
><H2
>AUTHOR</H2
><P
>The original Samba software and related utilities 
        were created by Andrew Tridgell. Samba is now developed
        by the Samba Team as an Open Source project similar 
        to the way the Linux kernel is developed.</P
><P
>The original Samba man pages were written by Karl Auer. 
        The man page sources were converted to YODL format (another 
        excellent piece of Open Source software, available at
        <A
HREF="ftp://ftp.icce.rug.nl/pub/unix/"
TARGET="_top"
>       ftp://ftp.icce.rug.nl/pub/unix/</A
>) and updated for the Samba 2.0 
        release by Jeremy Allison.  The conversion to DocBook for 
        Samba 2.2 was done by Gerald Carter</P
></DIV
></BODY
></HTML
>