source: trunk/server/docs/manpages/pdbedit.8@ 745

'\" t
.\"     Title: pdbedit
.\"    Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\"      Date: 08/08/2011
.\"    Manual: System Administration tools
.\"    Source: Samba 3.6
.\"  Language: English
.\"
.TH "PDBEDIT" "8" "08/08/2011" "Samba 3\&.6" "System Administration tools"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
pdbedit \- manage the SAM database (Database of Samba Users)
.SH "SYNOPSIS"
.HP \w'\ 'u
pdbedit [\-a] [\-b\ passdb\-backend] [\-c\ account\-control] [\-C\ value] [\-d\ debuglevel] [\-D\ drive] [\-e\ passdb\-backend] [\-f\ fullname] [\-\-force\-initialized\-passwords] [\-g] [\-h\ homedir] [\-i\ passdb\-backend] [\-I\ domain] [\-K] [\-L] [\-m] [\-M\ SID|RID] [\-N\ description] [\-P\ account\-policy] [\-p\ profile] [\-\-policies\-reset] [\-r] [\-s\ configfile] [\-S\ script] [\-t] [\-\-time\-format] [\-u\ username] [\-U\ SID|RID] [\-v] [\-V] [\-w] [\-x] [\-y] [\-z] [\-Z]
.SH "DESCRIPTION"
.PP
This tool is part of the
\fBsamba\fR(7)
suite\&.
.PP
The pdbedit program is used to manage the users accounts stored in the sam database and can only be run by root\&.
.PP
The pdbedit tool uses the passdb modular interface and is independent from the kind of users database used (currently there are smbpasswd, ldap, nis+ and tdb based and more can be added without changing the tool)\&.
.PP
There are five main ways to use pdbedit: adding a user account, removing a user account, modifing a user account, listing user accounts, importing users accounts\&.
.SH "OPTIONS"
.PP
\-L|\-\-list
.RS 4
This option lists all the user accounts present in the users database\&. This option prints a list of user/uid pairs separated by the \':\' character\&.
.sp
Example:
pdbedit \-L
.sp
.if n \{\
.RS 4
.\}
.nf
sorce:500:Simo Sorce
samba:45:Test User
.fi
.if n \{\
.RE
.\}
.RE
.PP
\-v|\-\-verbose
.RS 4
This option enables the verbose listing format\&. It causes pdbedit to list the users in the database, printing out the account fields in a descriptive format\&.
.sp
Example:
pdbedit \-L \-v
.sp
.if n \{\
.RS 4
.\}
.nf
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
username:       sorce
user ID/Group:  500/500
user RID/GRID:  2000/2001
Full Name:      Simo Sorce
Home Directory: \e\eBERSERKER\esorce
HomeDir Drive:  H:
Logon Script:   \e\eBERSERKER\enetlogon\esorce\&.bat
Profile Path:   \e\eBERSERKER\eprofile
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-
username:       samba
user ID/Group:  45/45
user RID/GRID:  1090/1091
Full Name:      Test User
Home Directory: \e\eBERSERKER\esamba
HomeDir Drive:  
Logon Script:   
Profile Path:   \e\eBERSERKER\eprofile
.fi
.if n \{\
.RE
.\}
.RE
.PP
\-w|\-\-smbpasswd\-style
.RS 4
This option sets the "smbpasswd" listing format\&. It will make pdbedit list the users in the database, printing out the account fields in a format compatible with the
smbpasswd
file format\&. (see the
\fBsmbpasswd\fR(5)
for details)
.sp
Example:
pdbedit \-L \-w
.sp
.if n \{\
.RS 4
.\}
.nf
sorce:500:508818B733CE64BEAAD3B435B51404EE:
          D2A2418EFC466A8A0F6B1DBB5C3DB80C:
          [UX         ]:LCT\-00000000:
samba:45:0F2B255F7B67A7A9AAD3B435B51404EE:
          BC281CE3F53B6A5146629CD4751D3490:
          [UX         ]:LCT\-3BFA1E8D:
.fi
.if n \{\
.RE
.\}
.RE
.PP
\-u|\-\-user username
.RS 4
This option specifies the username to be used for the operation requested (listing, adding, removing)\&. It is
\fIrequired\fR
in add, remove and modify operations and
\fIoptional\fR
in list operations\&.
.RE
.PP
\-f|\-\-fullname fullname
.RS 4
This option can be used while adding or modifing a user account\&. It will specify the user\'s full name\&.
.sp
Example:
\-f "Simo Sorce"
.RE
.PP
\-h|\-\-homedir homedir
.RS 4
This option can be used while adding or modifing a user account\&. It will specify the user\'s home directory network path\&.
.sp
Example:
\-h "\e\e\e\eBERSERKER\e\esorce"
.RE
.PP
\-D|\-\-drive drive
.RS 4
This option can be used while adding or modifing a user account\&. It will specify the windows drive letter to be used to map the home directory\&.
.sp
Example:
\-D "H:"
.RE
.PP
\-S|\-\-script script
.RS 4
This option can be used while adding or modifing a user account\&. It will specify the user\'s logon script path\&.
.sp
Example:
\-S "\e\e\e\eBERSERKER\e\enetlogon\e\esorce\&.bat"
.RE
.PP
\-p|\-\-profile profile
.RS 4
This option can be used while adding or modifing a user account\&. It will specify the user\'s profile directory\&.
.sp
Example:
\-p "\e\e\e\eBERSERKER\e\enetlogon"
.RE
.PP
\-M|\'\-\-machine SID\' SID|rid
.RS 4
This option can be used while adding or modifying a machine account\&. It will specify the machines\' new primary group SID (Security Identifier) or rid\&.
.sp
Example:
\-M S\-1\-5\-21\-2447931902\-1787058256\-3961074038\-1201
.RE
.PP
\-U|\'\-\-user SID\' SID|rid
.RS 4
This option can be used while adding or modifying a user account\&. It will specify the users\' new SID (Security Identifier) or rid\&.
.sp
Example:
\-U S\-1\-5\-21\-2447931902\-1787058256\-3961074038\-5004
.sp
Example:
\'\-\-user SID\' S\-1\-5\-21\-2447931902\-1787058256\-3961074038\-5004
.sp
Example:
\-U 5004
.sp
Example:
\'\-\-user SID\' 5004
.RE
.PP
\-c|\-\-account\-control account\-control
.RS 4
This option can be used while adding or modifying a user account\&. It will specify the users\' account control property\&. Possible flags are listed below\&.
.sp

.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
N: No password required
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
D: Account disabled
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
H: Home directory required
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
T: Temporary duplicate of other account
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
U: Regular user account
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
M: MNS logon user account
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
W: Workstation Trust Account
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
S: Server Trust Account
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
L: Automatic Locking
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
X: Password does not expire
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}
I: Domain Trust Account
.RE
.sp
.RE
.sp
Example:
\-c "[X ]"
.RE
.PP
\-K|\-\-kickoff\-time
.RS 4
This option is used to modify the kickoff time for a certain user\&. Use "never" as argument to set the kickoff time to unlimited\&.
.sp
Example:
pdbedit \-K never user
.RE
.PP
\-a|\-\-create
.RS 4
This option is used to add a user into the database\&. This command needs a user name specified with the \-u switch\&. When adding a new user, pdbedit will also ask for the password to be used\&.
.sp
Example:
pdbedit \-a \-u sorce
.sp
.if n \{\
.RS 4
.\}
.nf
new password:
retype new password
.fi
.if n \{\
.RE
.\}
.sp
.if n \{\
.sp
.\}
.RS 4
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br