summaryrefslogtreecommitdiff
path: root/docs/docbook/manpages/smbpasswd.8.sgml
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2001-02-23 04:34:24 +0000
committerGerald Carter <jerry@samba.org>2001-02-23 04:34:24 +0000
commitb58b856db5c5c2583a4bbe24ab39726efefb18a6 (patch)
tree6bec93ee6bfb51723e3ad118621c7c8b6d1fdcab /docs/docbook/manpages/smbpasswd.8.sgml
parented77fca1990f96dba6fe9204e551056395c6ed29 (diff)
downloadsamba-b58b856db5c5c2583a4bbe24ab39726efefb18a6.tar.gz
samba-b58b856db5c5c2583a4bbe24ab39726efefb18a6.tar.bz2
samba-b58b856db5c5c2583a4bbe24ab39726efefb18a6.zip
more updates. Conversion almost done. 2 more man pages
(then all the ASCII stuff) (This used to be commit 7247027e833616bfe9350253cc1e6cdb236b2cdf)
Diffstat (limited to 'docs/docbook/manpages/smbpasswd.8.sgml')
-rw-r--r--docs/docbook/manpages/smbpasswd.8.sgml572
1 files changed, 408 insertions, 164 deletions
diff --git a/docs/docbook/manpages/smbpasswd.8.sgml b/docs/docbook/manpages/smbpasswd.8.sgml
index 15cb6ffff1..7f7783425a 100644
--- a/docs/docbook/manpages/smbpasswd.8.sgml
+++ b/docs/docbook/manpages/smbpasswd.8.sgml
@@ -1,165 +1,409 @@
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
+<refentry id="smbpasswd">
-Namesmbpasswd - change a users SMB password
-Synopsis
-smbpasswd [-a] [-x] [-d]
-[-e] [-D debug level] [-n] [-r remote_machine] [-R name resolve order] [-m] [-j
-DOMAIN] [-U username] [-h] [-s] username
-Description
-This program is part of
-the Samba suite.
-The smbpasswd program has several different functions,
-depending on whether it is run by the root user or not. When run as a normal
-user it allows the user to change the password used for their SMB sessions
-on any machines that store SMB passwords.
-By default (when run with no arguments)
-it will attempt to change the current users SMB password on the local machine.
-This is similar to the way the passwd (1) program works. smbpasswd differs
-from how the passwd program works however in that it is not setuid root
-but works in a client-server mode and communicates with a locally running
-smbd. As a consequence in order for this to succeed the smbd daemon must
-be running on the local machine. On a UNIX machine the encrypted SMB passwords
-are usually stored in the smbpasswd (5) file.
-When run by an ordinary user
-with no options. smbpasswd will prompt them for their old smb password and
-then ask them for their new password twice, to ensure that the new password
-was typed correctly. No passwords will be echoed on the screen whilst being
-typed. If you have a blank smb password (specified by the string "NO PASSWORD"
-in the smbpasswd file) then just press the <Enter> key when asked for your
-old password.
-smbpasswd can also be used by a normal user to change their
-SMB password on remote machines, such as Windows NT Primary Domain Controllers.
-See the (-r) and -U options below.
-When run by root, smbpasswd allows new
-users to be added and deleted in the smbpasswd file, as well as allows
-changes to the attributes of the user in this file to be made. When run
-by root, smbpasswd accesses the local smbpasswd file directly, thus enabling
-changes to be made even if smbd is not running.
-Options
--aThis option specifies
-that the username following should be added to the local smbpasswd file,
-with the new password typed (type <Enter> for the old password). This option
-is ignored if the username following already exists in the smbpasswd file
-and it is treated like a regular change password command. Note that the
-user to be added must already exist in the system password file (usually
-/etc/passwd) else the request to add the user will fail. This option is
-only available when running smbpasswd as root. -xThis option specifies that
-the username following should be deleted from the local smbpasswd file.
-This option is only available when running smbpasswd as root. -dThis option
-specifies that the username following should be disabled in the local smbpasswd
-file. This is done by writing a 'D' flag into the account control space in
-the smbpasswd file. Once this is done all attempts to authenticate via SMB
-using this username will fail. If the smbpasswd file is in the 'old' format
-(pre-Samba 2.0 format) there is no space in the users password entry to write
-this information and so the user is disabled by writing 'X' characters into
-the password space in the smbpasswd file. See smbpasswd (5) for details
-on the 'old' and new password file formats. This option is only available
-when running smbpasswd as root. -eThis option specifies that the username
-following should be enabled in the local smbpasswd file, if the account
-was previously disabled. If the account was not disabled this option has
-no effect. Once the account is enabled then the user will be able to authenticate
-via SMB once again. If the smbpasswd file is in the 'old' format then smbpasswd
-will prompt for a new password for this user, otherwise the account will
-be enabled by removing the 'D' flag from account control space in the smbpasswd
-file. See smbpasswd (5) for details on the 'old' and new password file formats.
-This option is only available when running smbpasswd as root. -D debugleveldebuglevel
-is an integer from 0 to 10. The default value if this parameter is not
-specified is zero. The higher this value, the more detail will be logged
-to the log files about the activities of smbpasswd. At level 0, only critical
-errors and serious warnings will be logged. Levels above 1 will generate
-considerable amounts of log data, and should only be used when investigating
-a problem. Levels above 3 are designed for use only by developers and generate
-HUGE amounts of log data, most of which is extremely cryptic. -nThis option
-specifies that the username following should have their password set to
-null (i.e. a blank password) in the local smbpasswd file. This is done by
-writing the string "NO PASSWORD" as the first part of the first password
-stored in the smbpasswd file. Note that to allow users to logon to a Samba
-server once the password has been set to "NO PASSWORD" in the smbpasswd
-file the administrator must set the following parameter in the [global]
-section of the smb.conf file : null passwords = true This option is only
-available when running smbpasswd as root. -r remote machine nameThis option
-allows a user to specify what machine they wish to change their password
-on. Without this parameter smbpasswd defaults to the local host. The "remote
-machine name" is the NetBIOS name of the SMB/CIFS server to contact to
-attempt the password change. This name is resolved into an IP address using
-the standard name resolution mechanism in all programs of the Samba suite.
-See the -R name resolve order parameter for details on changing this resolving
-mechanism. The username whose password is changed is that of the current
-UNIX logged on user. See the -U username parameter for details on changing
-the password for a different username. Note that if changing a Windows NT
-Domain password the remote machine specified must be the Primary Domain
-Controller for the domain (Backup Domain Controllers only have a read-only
-copy of the user account database and will not allow the password change).
-Note that Windows 95/98 do not have a real password database so it is not
-possible to change passwords specifying a Win95/98 machine as remote machine
-target. -R name resolve orderThis option allows the user of smbclient to
-determine what name resolution services to use when looking up the NetBIOS
-name of the host being connected to. The options are :"lmhosts", "host",
-"wins" and "bcast". They cause names to be resolved as follows : olmhosts
-: Lookup an IP address in the Samba lmhosts file. ohost : Do a standard
-host name to IP address resolution, using the system /etc/hosts, NIS, or
-DNS lookups. This method of name resolution is operating system dependent.
-For instance on IRIX or Solaris, this may be controlled by the /etc/nsswitch.conf
-file). owins : Query a name with the IP address listed in the wins server
-parameter in the smb.conf file. If no WINS server has been specified this
-method will be ignored. obcast : Do a broadcast on each of the known local
-interfaces listed in the interfaces parameter in the smb.conf file. This
-is the least reliable of the name resolution methods as it depends on the
-target host being on a locally connected subnet. If this parameter is not
-set then the name resolve order defined in the smb.conf file parameter
-name resolve order will be used. The default order is lmhosts, host, wins,
-bcast and without this parameter or any entry in the smb.conf file the
-name resolution methods will be attempted in this order. -mThis option tells
-smbpasswd that the account being changed is a MACHINE account. Currently
-this is used when Samba is being used as an NT Primary Domain Controller.
-PDC support is not a supported feature in Samba2.0 but will become supported
-in a later release. If you wish to know more about using Samba as an NT
-PDC then please subscribe to the mailing list samba-ntdom@samba.org. This
-option is only available when running smbpasswd as root. -j DOMAINThis option
-is used to add a Samba server into a Windows NT Domain, as a Domain member
-capable of authenticating user accounts to any Domain Controller in the
-same way as a Windows NT Server. See the security=domain option in the smb.conf
-(5) man page. In order to be used in this way, the Administrator for the
-Windows NT Domain must have used the program "Server Manager for Domains"
-to add the primary NetBIOS name of the Samba server as a member of the
-Domain. After this has been done, to join the Domain invoke smbpasswd with
-this parameter. smbpasswd will then look up the Primary Domain Controller
-for the Domain (found in the smb.conf file in the parameter password server
-and change the machine account password used to create the secure Domain
-communication. This password is then stored by smbpasswd in a file, read
-only by root, called CW<Domain>.<Machine>.mac where CW<Domain> is the name of the
-Domain we are joining and CW<Machine> is the primary NetBIOS name of the
-machine we are running on. Once this operation has been performed the smb.conf
-file may be updated to set the security=domain option and all future logins
-to the Samba server will be authenticated to the Windows NT PDC. Note that
-even though the authentication is being done to the PDC all users accessing
-the Samba server must still have a valid UNIX account on that machine. This
-option is only available when running smbpasswd as root. -U usernameThis
-option may only be used in conjunction with the -r option. When changing
-a password on a remote machine it allows the user to specify the user name
-on that machine whose password will be changed. It is present to allow users
-who have different user names on different systems to change these passwords.
--hThis option prints the help string for smbpasswd, selecting the correct
-one for running as root or as an ordinary user. -sThis option causes smbpasswd
-to be silent (i.e. not issue prompts) and to read it's old and new passwords
-from standard input, rather than from CW/dev/tty (like the passwd (1)
-program does). This option is to aid people writing scripts to drive smbpasswd
-usernameThis specifies the username for all of the root only options to
-operate on. Only root can specify this parameter as only root has the permission
-needed to modify attributes directly in the local smbpasswd file. NotesSince
-smbpasswd works in client-server mode communicating with a local smbd for
-a non-root user then the smbd daemon must be running for this to work. A
-common problem is to add a restriction to the hosts that may access the
-smbd running on the local machine by specifying a "allow hosts" or "deny
-hosts" entry in the smb.conf file and neglecting to allow "localhost" access
-to the smbd. In addition, the smbpasswd command is only useful if Samba
-has been set up to use encrypted passwords. See the file ENCRYPTION.txt in
-the docs directory for details on how to do this. VersionThis man page is
-correct for version 2.0 of the Samba suite. AuthorThe original Samba software
-and related utilities were created by Andrew Tridgell samba@samba.org. Samba
-is now developed by the Samba Team as an Open Source project similar to
-the way the Linux kernel is developed. The original Samba man pages were
-written by Karl Auer. The man page sources were converted to YODL format
-(another excellent piece of Open Source software, available at ftp://ftp.icce.rug.nl/pub/unix/)
-and updated for the Samba2.0 release by Jeremy Allison. samba@samba.org. See
-samba (7) to find out how to get a full list of contributors and details
-on how to submit bug reports, comments etc. \ No newline at end of file
+<refmeta>
+ <refentrytitle>smbpasswd</refentrytitle>
+ <manvolnum>8</manvolnum>
+</refmeta>
+
+
+<refnamediv>
+ <refname>smbpasswd</refname>
+ <refpurpose>change a users SMB password</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <cmdsynopsis>
+ <command>smbpasswd</command>
+ <arg choice="opt">-a</arg>
+ <arg choice="opt">-x</arg>
+ <arg choice="opt">-d</arg>
+ <arg choice="opt">-e</arg>
+ <arg choice="opt">-D debuglevel</arg>
+ <arg choice="opt">-n</arg>
+ <arg choice="opt">-r &lt;remote machine&gt;</arg>
+ <arg choice="opt">-R &lt;name resolve order&gt;</arg>
+ <arg choice="opt">-m</arg>
+ <arg choice="opt">-j DOMAIN</arg>
+ <arg choice="opt">-U username</arg>
+ <arg choice="opt">-h</arg>
+ <arg choice="opt">-s</arg>
+ <arg choice="opt">username</arg>
+ </cmdsynopsis>
+</refsynopsisdiv>
+
+<refsect1>
+ <title>DESCRIPTION</title>
+
+ <para>This tool is part of the <ulink url="samba.7.html">
+ Samba</ulink> suite.</para>
+
+ <para>The smbpasswd program has several different
+ functions, depending on whether it is run by the <emphasis>root</emphasis>
+ user or not. When run as a normal user it allows the user to change
+ the password used for their SMB sessions on any machines that store
+ SMB passwords. </para>
+
+ <para>By default (when run with no arguments) it will attempt to
+ change the current users SMB password on the local machine. This is
+ similar to the way the <command>passwd(1)</command> program works.
+ <command>smbpasswd</command> differs from how the passwd program works
+ however in that it is not <emphasis>setuid root</emphasis> but works in
+ a client-server mode and communicates with a locally running
+ <command>smbd(8)</command>. As a consequence in order for this to
+ succeed the smbd daemon must be running on the local machine. On a
+ UNIX machine the encrypted SMB passwords are usually stored in
+ the <filename>smbpasswd(5)</filename> file. </para>
+
+ <para>When run by an ordinary user with no options. smbpasswd
+ will prompt them for their old smb password and then ask them
+ for their new password twice, to ensure that the new password
+ was typed correctly. No passwords will be echoed on the screen
+ whilst being typed. If you have a blank smb password (specified by
+ the string "NO PASSWORD" in the smbpasswd file) then just press
+ the &lt;Enter&gt; key when asked for your old password. </para>
+
+ <para>smbpasswd can also be used by a normal user to change their
+ SMB password on remote machines, such as Windows NT Primary Domain
+ Controllers. See the (-r) and -U options below. </para>
+
+ <para>When run by root, smbpasswd allows new users to be added
+ and deleted in the smbpasswd file, as well as allows changes to
+ the attributes of the user in this file to be made. When run by root,
+ <command>smbpasswd</command> accesses the local smbpasswd file
+ directly, thus enabling changes to be made even if smbd is not
+ running. </para>
+</refsect1>
+
+<refsect1>
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>-a</term>
+ <listitem><para>This option specifies that the username
+ following should be added to the local smbpasswd file, with the
+ new password typed (type &lt;Enter&gt; for the old password). This
+ option is ignored if the username following already exists in
+ the smbpasswd file and it is treated like a regular change
+ password command. Note that the user to be added must already exist
+ in the system password file (usually <filename>/etc/passwd</filename>)
+ else the request to add the user will fail. </para>
+
+ <para>This option is only available when running smbpasswd
+ as root. </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-x</term>
+ <listitem><para>This option specifies that the username
+ following should be deleted from the local smbpasswd file.
+ </para>
+
+ <para>This option is only available when running smbpasswd as
+ root.</para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-d</term>
+ <listitem><para>This option specifies that the username following
+ should be <constant>disabled</constant> in the local smbpasswd
+ file. This is done by writing a <constant>'D'</constant> flag
+ into the account control space in the smbpasswd file. Once this
+ is done all attempts to authenticate via SMB using this username
+ will fail. </para>
+
+ <para>If the smbpasswd file is in the 'old' format (pre-Samba 2.0
+ format) there is no space in the users password entry to write
+ this information and so the user is disabled by writing 'X' characters
+ into the password space in the smbpasswd file. See <command>smbpasswd(5)
+ </command> for details on the 'old' and new password file formats.
+ </para>
+
+ <para>This option is only available when running smbpasswd as
+ root.</para></listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>-e</term>
+ <listitem><para>This option specifies that the username following
+ should be <constant>enabled</constant> in the local smbpasswd file,
+ if the account was previously disabled. If the account was not
+ disabled this option has no effect. Once the account is enabled then
+ the user will be able to authenticate via SMB once again. </para>
+
+ <para>If the smbpasswd file is in the 'old' format, then <command>
+ smbpasswd</command> will prompt for a new password for this user,
+ otherwise the account will be enabled by removing the <constant>'D'
+ </constant> flag from account control space in the <filename>
+ smbpasswd</filename> file. See <command>smbpasswd (5)</command> for
+ details on the 'old' and new password file formats. </para>
+
+ <para>This option is only available when running smbpasswd as root.
+ </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-D debuglevel</term>
+ <listitem><para><parameter>debuglevel</parameter> is an integer
+ from 0 to 10. The default value if this parameter is not specified
+ is zero. </para>
+
+ <para>The higher this value, the more detail will be logged to the
+ log files about the activities of smbpasswd. At level 0, only
+ critical errors and serious warnings will be logged. </para>
+
+ <para>Levels above 1 will generate considerable amounts of log
+ data, and should only be used when investigating a problem. Levels
+ above 3 are designed for use only by developers and generate
+ HUGE amounts of log data, most of which is extremely cryptic.
+ </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-n</term>
+ <listitem><para>This option specifies that the username following
+ should have their password set to null (i.e. a blank password) in
+ the local smbpasswd file. This is done by writing the string "NO
+ PASSWORD" as the first part of the first password stored in the
+ smbpasswd file. </para>
+
+ <para>Note that to allow users to logon to a Samba server once
+ the password has been set to "NO PASSWORD" in the smbpasswd
+ file the administrator must set the following parameter in the [global]
+ section of the <filename>smb.conf</filename> file : </para>
+
+ <para><command>null passwords = yes</command></para>
+
+ <para>This option is only available when running smbpasswd as
+ root.</para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-r remote machine name</term>
+ <listitem><para>This option allows a user to specify what machine
+ they wish to change their password on. Without this parameter
+ smbpasswd defaults to the local host. The <replaceable>remote
+ machine name</replaceable> is the NetBIOS name of the SMB/CIFS
+ server to contact to attempt the password change. This name is
+ resolved into an IP address using the standard name resolution
+ mechanism in all programs of the Samba suite. See the <parameter>-R
+ name resolve order</parameter> parameter for details on changing
+ this resolving mechanism. </para>
+
+ <para>The username whose password is changed is that of the
+ current UNIX logged on user. See the <parameter>-U username</parameter>
+ parameter for details on changing the password for a different
+ username. </para>
+
+ <para>Note that if changing a Windows NT Domain password the
+ remote machine specified must be the Primary Domain Controller for
+ the domain (Backup Domain Controllers only have a read-only
+ copy of the user account database and will not allow the password
+ change).</para>
+
+ <para><emphasis>Note</emphasis> that Windows 95/98 do not have
+ a real password database so it is not possible to change passwords
+ specifying a Win95/98 machine as remote machine target. </para>
+ </listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>-R name resolve order</term>
+ <listitem><para>This option allows the user of smbclient to determine
+ what name resolution services to use when looking up the NetBIOS
+ name of the host being connected to. </para>
+
+ <para>The options are :"lmhosts", "host", "wins" and "bcast". They cause
+ names to be resolved as follows : </para>
+ <itemizedlist>
+ <listitem><para><constant>lmhosts</constant> : Lookup an IP
+ address in the Samba lmhosts file. If the line in lmhosts has
+ no name type attached to the NetBIOS name (see the <ulink
+ url="lmhosts.5.html">lmhosts(5)</ulink> for details) then
+ any name type matches for lookup.</para></listitem>
+
+ <listitem><para><constant>host</constant> : Do a standard host
+ name to IP address resolution, using the system <filename>/etc/hosts
+ </filename>, NIS, or DNS lookups. This method of name resolution
+ is operating system depended for instance on IRIX or Solaris this
+ may be controlled by the <filename>/etc/nsswitch.conf</filename>
+ file). Note that this method is only used if the NetBIOS name
+ type being queried is the 0x20 (server) name type, otherwise
+ it is ignored.</para></listitem>
+
+ <listitem><para><constant>wins</constant> : Query a name with
+ the IP address listed in the <parameter>wins server</parameter>
+ parameter. If no WINS server has been specified this method
+ will be ignored.</para></listitem>
+
+ <listitem><para><constant>bcast</constant> : Do a broadcast on
+ each of the known local interfaces listed in the
+ <parameter>interfaces</parameter> parameter. This is the least
+ reliable of the name resolution methods as it depends on the
+ target host being on a locally connected subnet.</para></listitem>
+ </itemizedlist>
+
+ <para>The default order is <command>lmhosts, host, wins, bcast</command>
+ and without this parameter or any entry in the
+ <filename>smb.conf</filename> file the name resolution methods will
+ be attempted in this order. </para></listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>-m</term>
+ <listitem><para>This option tells smbpasswd that the account
+ being changed is a MACHINE account. Currently this is used
+ when Samba is being used as an NT Primary Domain Controller.</para>
+
+ <para>This option is only available when running smbpasswd as root.
+ </para></listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>-j DOMAIN</term>
+ <listitem><para>This option is used to add a Samba server
+ into a Windows NT Domain, as a Domain member capable of authenticating
+ user accounts to any Domain Controller in the same way as a Windows
+ NT Server. See the <command>security = domain</command> option in
+ the <filename>smb.conf(5)</filename> man page. </para>
+
+ <para>In order to be used in this way, the Administrator for
+ the Windows NT Domain must have used the program "Server Manager
+ for Domains" to add the primary NetBIOS name of the Samba server
+ as a member of the Domain. </para>
+
+ <para>After this has been done, to join the Domain invoke <command>
+ smbpasswd</command> with this parameter. smbpasswd will then
+ look up the Primary Domain Controller for the Domain (found in
+ the <filename>smb.conf</filename> file in the parameter
+ <parameter>password server</parameter> and change the machine account
+ password used to create the secure Domain communication. This
+ password is then stored by smbpasswd in a TDB, writeable only by root,
+ called <filename>secrets.tdb</filename> </para>
+
+ <para>Once this operation has been performed the <filename>
+ smb.conf</filename> file may be updated to set the <command>
+ security = domain</command> option and all future logins
+ to the Samba server will be authenticated to the Windows NT
+ PDC. </para>
+
+ <para>Note that even though the authentication is being
+ done to the PDC all users accessing the Samba server must still
+ have a valid UNIX account on that machine. </para>
+
+
+ <para>This option is only available when running smbpasswd as root.
+ </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-U username</term>
+ <listitem><para>This option may only be used in conjunction
+ with the <parameter>-r</parameter> option. When changing
+ a password on a remote machine it allows the user to specify
+ the user name on that machine whose password will be changed. It
+ is present to allow users who have different user names on
+ different systems to change these passwords. </para></listitem>
+ </varlistentry>
+
+
+ <varlistentry>
+ <term>-h</term>
+ <listitem><para>This option prints the help string for <command>
+ smbpasswd</command>, selecting the correct one for running as root
+ or as an ordinary user. </para></listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>-s</term>
+ <listitem><para>This option causes smbpasswd to be silent (i.e.
+ not issue prompts) and to read it's old and new passwords from
+ standard input, rather than from <filename>/dev/tty</filename>
+ (like the <command>passwd(1)</command> program does). This option
+ is to aid people writing scripts to drive smbpasswd</para>
+ </listitem>
+ </varlistentry>
+
+
+
+ <varlistentry>
+ <term>username</term>
+ <listitem><para>This specifies the username for all of the
+ <emphasis>root only</emphasis> options to operate on. Only root
+ can specify this parameter as only root has the permission needed
+ to modify attributes directly in the local smbpasswd file.
+ </para></listitem>
+ </varlistentry>
+ </variablelist>
+</refsect1>
+
+
+<refsect1>
+ <title>NOTES</title>
+
+ <para>Since <command>smbpasswd</command> works in client-server
+ mode communicating with a local smbd for a non-root user then
+ the smbd daemon must be running for this to work. A common problem
+ is to add a restriction to the hosts that may access the <command>
+ smbd</command> running on the local machine by specifying a
+ <parameter>allow hosts</parameter> or <parameter>deny hosts</parameter>
+ entry in the <filename>smb.conf</filename> file and neglecting to
+ allow "localhost" access to the smbd. </para>
+
+ <para>In addition, the smbpasswd command is only useful if Samba
+ has been set up to use encrypted passwords. See the file
+ <filename>ENCRYPTION.txt</filename> in the docs directory for details
+ on how to do this. </para>
+</refsect1>
+
+
+<refsect1>
+ <title>VERSION</title>
+
+ <para>This man page is correct for version 2.2 of
+ the Samba suite.</para>
+</refsect1>
+
+<refsect1>
+ <title>SEE ALSO</title>
+ <para><ulink url="smbpasswd.5.html"><filename>smbpasswd(5)</filename></ulink>,
+ <ulink url="samba.7.html">samba(7)</ulink>
+ </para>
+</refsect1>
+
+<refsect1>
+ <title>AUTHOR</title>
+
+ <para>The original Samba software and related utilities
+ were created by Andrew Tridgell. Samba is now developed
+ by the Samba Team as an Open Source project similar
+ to the way the Linux kernel is developed.</para>
+
+ <para>The original Samba man pages were written by Karl Auer.
+ The man page sources were converted to YODL format (another
+ excellent piece of Open Source software, available at
+ <ulink url="ftp://ftp.icce.rug.nl/pub/unix/">
+ ftp://ftp.icce.rug.nl/pub/unix/</ulink>) and updated for the Samba 2.0
+ release by Jeremy Allison. The conversion to DocBook for
+ Samba 2.2 was done by Gerald Carter</para>
+</refsect1>
+
+</refentry>