First versions of the man pages auto-generated from the YODL

source.
Jeremy.
(This used to be commit 00241b15fa8ccd21e1b43726ea131a189c14074e)

1 files changed, 292 insertions, 137 deletions

diff --git a/docs/manpages/smbpasswd.8 b/docs/manpages/smbpasswd.8
index 4f2658736f..e958266560 100644
--- a/docs/manpages/smbpasswd.8
+++ b/docs/manpages/smbpasswd.8
@@ -1,138 +1,293 @@
-.TH SMBPASSWD 8 "09 Oct 1998" "smbpasswd 2.0.0-alpha11"
-.SH NAME
-smbpasswd \- change a users smb password in the smbpasswd file.
-.SH SYNOPSIS
-.B smbpasswd
-[
-.B \-a
-] [
-.B \-r
-remote_machine
-] [
-.B username
-]
-.SH DESCRIPTION
-
-This program is part of the Samba suite.
-
-.B smbpasswd 
-allows a user to change their encrypted smb password which
-is stored in the smbpasswd file (usually kept in the
-.I private
-directory under the
-.I Samba 
-directory hierarchy. Ordinary users can only run the command 
-with no options. It will prompt them for their old smb password
-and then ask them for their new password twice, to ensure that
-the new password was typed correctly. No passwords will
-be echoed on the screen whilst being typed. If you have a blank
-smb password (specified by the string "NO PASSWORD" in the
-smbpasswd file) then just press the <Enter> key when asked
-for your old password.
-
-.B New for 1.9.18p4.
-smbpasswd will now allow a user to change their password
-on a Windows NT server. To use this add the 
-.I \-r
-.I \<remote_machine\>
-paramter to the smbpasswd command. The machine name is looked
-up using the "name resolve order" parameter defined in the
-smb.conf [global] section. Note that when changing a Windows
-NT password for a domain user,
-.I \<remote machine\>
-must be the name of the Primary domain controller.
-
-To allow users to change their passwords from "NO PASSWORD"
-in the smbpasswd file to a valid password the administrator
-must set the following parameter in the [global] section of
-the smb.conf :
-
+.TH "smbpasswd" "8" "23 Oct 1998" "Samba" "SAMBA" 
+.PP 
+.SH "NAME" 
+smbpasswd \- change a users SMB password
+.PP 
+.SH "SYNOPSIS" 
+.PP 
+\fBsmbpasswd\fP [-a] [-d] [-e] [-D debug level] [-n] [-r remote_machine] [-R name resolve order] [-m] [-j DOMAIN] [-U username] [-h] [-s] username
+.PP 
+.SH "DESCRIPTION" 
+.PP 
+This program is part of the \fBSamba\fP suite\&.
+.PP 
+The \fBsmbpasswd\fP program has several different functions, depending
+on whether it is run by the \fIroot\fP user or not\&. When run as a normal
+user it allows the user to change the password used for their SMB
+sessions on any machines that store SMB passwords\&.
+.PP 
+By default (when run with no arguments) it will attempt to change the
+current users SMB password on the local machine\&. This is similar to
+the way the \fBpasswd (1)\fP program works\&. \fBsmbpasswd\fP differs from
+the \fBpasswd\fP program works however in that it is not \fIsetuid root\fP
+but works in a client-server mode and communicates with a locally
+running \fBsmbd\fP\&. As a consequence in order for this
+to succeed the \fBsmbd\fP daemon must be running on
+the local machine\&. On a UNIX machine the encrypted SMB passwords are
+usually stored in the \fBsmbpasswd (5)\fP file\&.
+.PP 
+When run by an ordinary user with no options\&. \fBsmbpasswd\fP will
+prompt them for their old smb password and then ask them for their new
+password twice, to ensure that the new password was typed
+correctly\&. No passwords will be echoed on the screen whilst being
+typed\&. If you have a blank smb password (specified by the string "NO
+PASSWORD" in the \fBsmbpasswd\fP file) then just
+press the <Enter> key when asked for your old password\&.
+.PP 
+\fBsmbpasswd\fP also can be used by a normal user to change their SMB
+password on remote machines, such as Windows NT Primary Domain
+Controllers\&. See the (\fB-r\fP) and
+\fB-U\fP options below\&.
+.PP 
+When run by root, \fBsmbpasswd\fP allows new users to be added and
+deleted in the \fBsmbpasswd\fP file, as well as
+changes to the attributes of the user in this file to be made\&. When
+run by root, \fBsmbpasswd\fP accesses the local
+\fBsmbpasswd\fP file directly, thus enabling
+changes to be made even if \fBsmbd\fP is not running\&.
+.PP 
+.SH "OPTIONS" 
+.PP 
+.IP 
+.IP "\fB-a\fP" 
+This option specifies that the username following should
+be added to the local \fBsmbpasswd\fP file, with
+the new password typed (type <Enter> for the old password)\&. This
+option is ignored if the username following already exists in the
+\fBsmbpasswd\fP file and it is treated like a
+regular change password command\&. Note that the user to be added \&.B
+must already exist in the system password file (usually /etc/passwd)
+else the request to add the user will fail\&.
+.IP 
+This option is only available when running \fBsmbpasswd\fP as
+root\&.
+.IP 
+.IP "\fB-d\fP" 
+This option specifies that the username following should be
+\fIdisabled\fP in the local \fBsmbpasswd\fP file\&.
+This is done by writing a \fI\'D\'\fP flag into the account control space
+in the \fBsmbpasswd\fP file\&. Once this is done
+all attempts to authenticate via SMB using this username will fail\&.
+.IP 
+If the \fBsmbpasswd\fP file is in the \'old\'
+format (pre-Samba 2\&.0 format) there is no space in the users password
+entry to write this information and so the user is disabled by writing
+\'X\' characters into the password space in the
+\fBsmbpasswd\fP file\&. See \fBsmbpasswd
+(5)\fP for details on the \'old\' and new password file
+formats\&.
+.IP 
+This option is only available when running \fBsmbpasswd\fP as root\&.
+.IP 
+.IP "\fB-e\fP" 
+This option specifies that the username following should be
+\fIenabled\fP in the local \fBsmbpasswd\fP file,
+if the account was previously disabled\&. If the account was not
+disabled this option has no effect\&. Once the account is enabled
+then the user will be able to authenticate via SMB once again\&.
+.IP 
+If the smbpasswd file is in the \'old\' format then \fBsmbpasswd\fP will
+prompt for a new password for this user, otherwise the account will be
+enabled by removing the \fI\'D\'\fP flag from account control space in the
+\fBsmbpasswd\fP file\&. See \fBsmbpasswd
+(5)\fP for details on the \'old\' and new password file
+formats\&.
+.IP 
+This option is only available when running \fBsmbpasswd\fP as root\&.
+.IP 
+.IP "\fB-D debuglevel\fP" 
+debuglevel is an integer from 0
+to 10\&.  The default value if this parameter is not specified is zero\&.
+.IP 
+The higher this value, the more detail will be logged to the log files
+about the activities of smbpasswd\&. At level 0, only critical errors
+and serious warnings will be logged\&.
+.IP 
+Levels above 1 will generate considerable amounts of log data, and
+should only be used when investigating a problem\&. Levels above 3 are
+designed for use only by developers and generate HUGE amounts of log
+data, most of which is extremely cryptic\&.
+.IP 
+.IP "\fB-n\fP" 
+This option specifies that the username following should
+have their password set to null (i\&.e\&. a blank password) in the local
+\fBsmbpasswd\fP file\&. This is done by writing the
+string "NO PASSWORD" as the first part of the first password stored in
+the \fBsmbpasswd\fP file\&.
+.IP 
+Note that to allow users to logon to a Samba server once the password
+has been set to "NO PASSWORD" in the
+\fBsmbpasswd\fP file the administrator must set
+the following parameter in the [global] section of the
+\fBsmb\&.conf\fP file :
+.IP 
 null passwords = true
-
-This is 
-.B NOT
-recommended as a general policy, it is recommended that
-new users be assigned a default password instead.
-
-The 
-.I \-a
-and 
-.I username
-options can only be used by a user running as root.
-
-.SH OPTIONS
-.I \-a
-
-.RS 3
-Specifies that the username following should be added to
-the
-.I smbpasswd
-file, with the new password typed (type <Enter> for the
-old password). This option is ignored if the username 
-following already exists in the
-.I smbpasswd
-file and it is treated like a regular change password 
-command. Note that the user to be added
-.B must
-already exist in the system password file (usually /etc/passwd)
-else the request to add the user will fail.
-
-.RE
-.I username
-
-.RS 3
-You may only specify a username to the smbpasswd command
-if you are running as root. Only root should have the
-permission to modify other users smb passwords.
-
-.RE
-.RE
-.SH INSTALLATION
-
-The location of the server and its support files is a matter for individual
-system administrators. The following are thus suggestions only.
-
-It is recommended that the
-.B smbpasswd
-program be installed in the /usr/local/samba/bin directory. This should be
-a directory readable by all, writeable only by root. The program should be
-executable by all. The program 
-.B must not 
-be setuid root.
-
-.SH VERSION
-
-This man page is correct for version 1.9.18p4 of the Samba suite.
-These notes will necessarily lag behind 
-development of the software, so it is possible that your version of 
-the program has extensions or parameter semantics that differ from or are not 
-covered by this man page. Please notify these to the address below for 
-rectification.
-.SH SEE ALSO
-.BR smbd (8), 
-.BR smb.conf (5) 
-.SH
-.B BUGS
-
-.RE
-The
-.B smbpasswd
-command is only useful if
-.I Samba
-has been set up to use encrypted passwords. See the file
-.I ENCRYPTION.txt
-in the docs directory for details on how to do this.
-
-.SH CREDITS
-.RE
-The original Samba software and related utilities were created by 
-Andrew Tridgell (samba-bugs@samba.anu.edu.au). Andrew is also the Keeper
-of the Source for this project. smbpasswd and the encrypted password
-file code was written by Jeremy Allison (samba-bugs@samba.anu.edu.au).
-
-This man page was written by Jeremy Allison. Bug reports to samba-bugs@samba.anu.edu.au.
-
-See
-.BR smb.conf (5)
-for a full list of contributors and details of how to 
-submit bug reports, comments etc.
+.IP 
+This option is only available when running \fBsmbpasswd\fP as root\&.
+.IP 
+.IP "\fB-r remote machine name\fP" 
+This option allows a
+user to specify what machine they wish to change their password
+on\&. Without this parameter \fBsmbpasswd\fP defaults to the local
+host\&. The \fI"remote machine name"\fP is the NetBIOS name of the
+SMB/CIFS server to contact to attempt the password change\&. This name
+is resolved into an IP address using the standard name resolution
+mechanism in all programs of the \fBSamba\fP
+suite\&. See the \fB-R name resolve order\fP parameter for details on changing this resolving
+mechanism\&.
+.IP 
+The username whose password is changed is that of the current UNIX
+logged on user\&. See the \fB-U username\fP
+parameter for details on changing the password for a different
+username\&.
+.IP 
+Note that if changing a Windows NT Domain password the remote machine
+specified must be the Primary Domain Controller for the domain (Backup
+Domain Controllers only have a read-only copy of the user account
+database and will not allow the password change)\&.
+.IP 
+.IP "\fB-R name resolve order\fP" 
+This option allows the user of
+smbclient to determine what name resolution services to use when
+looking up the NetBIOS name of the host being connected to\&.
+.IP 
+The options are :"lmhosts", "host",
+"wins" and "bcast"\&. They cause names to be
+resolved as follows :
+.IP 
+.IP 
+.IP o 
+\fBlmhosts\fP : Lookup an IP address in the Samba lmhosts file\&.
+.IP 
+.IP o 
+\fBhost\fP : Do a standard host name to IP address resolution,
+using the system /etc/hosts, NIS, or DNS lookups\&. This method of name
+resolution is operating system depended for instance on IRIX or
+Solaris this may be controlled by the \fI/etc/nsswitch\&.conf\fP file)\&.
+.IP 
+.IP o 
+\fBwins\fP : Query a name with the IP address listed in the \fBwins
+server\fP parameter in the smb\&.conf file\&. If 
+no WINS server has been specified this method will be ignored\&.
+.IP 
+.IP o 
+\fBbcast\fP : Do a broadcast on each of the known local interfaces
+listed in the \fBinterfaces\fP parameter
+in the smb\&.conf file\&. This is the least reliable of the name resolution
+methods as it depends on the target host being on a locally connected
+subnet\&.
+.IP 
+.IP 
+If this parameter is not set then the name resolver order defined
+in the \fBsmb\&.conf\fP file parameter 
+\fBname resolve order\fP
+will be used\&.
+.IP 
+The default order is lmhosts, host, wins, bcast and without this
+parameter or any entry in the \fBsmb\&.conf\fP 
+file the name resolution methods will be attempted in this order\&.
+.IP 
+.IP "\fB-m\fP" 
+This option tells \fBsmbpasswd\fP that the account being
+changed is a \fIMACHINE\fP account\&. Currently this is used when Samba is
+being used as an NT Primary Domain Controller\&. PDC support is not a
+supported feature in Samba2\&.0 but will become supported in a later
+release\&. If you wish to know more about using Samba as an NT PDC then
+please subscribe to the mailing list
+\fIsamba-ntdom@samba\&.anu\&.edu\&.au\fP\&.
+.IP 
+This option is only available when running \fBsmbpasswd\fP as root\&.
+.IP 
+.IP "\fB-j DOMAIN\fP" 
+This option is used to add a Samba server into a
+Windows NT Domain, as a Domain member capable of authenticating user
+accounts to any Domain Controller in the same way as a Windows NT
+Server\&. See the \fBsecurity=domain\fP
+option in the \fBsmb\&.conf (5)\fP man page\&.
+.IP 
+In order to be used in this way, the Administrator for the Windows
+NT Domain must have used the program \fI"Server Manager for Domains"\fP
+to add the primary NetBIOS name of 
+the Samba server as a member of the Domain\&.
+.IP 
+After this has been done, to join the Domain invoke \fBsmbpasswd\fP with
+this parameter\&. \fBsmbpasswd\fP will then look up the Primary Domain
+Controller for the Domain (found in the
+\fBsmb\&.conf\fP file in the parameter
+\fBpassword server\fP and change
+the machine account password used to create the secure Domain
+communication\&.  This password is then stored by \fBsmbpasswd\fP in a
+file, read only by root, called \f(CW<Domain>\&.<Machine>\&.mac\fP where
+\f(CW<Domain>\fP is the name of the Domain we are joining and tt<Machine>
+is the primary NetBIOS name of the machine we are running on\&.
+.IP 
+Once this operation has been performed the
+\fBsmb\&.conf\fP file may be updated to set the
+\fBsecurity=domain\fP option and all
+future logins to the Samba server will be authenticated to the Windows
+NT PDC\&.
+.IP 
+Note that even though the authentication is being done to the PDC all
+users accessing the Samba server must still have a valid UNIX account
+on that machine\&.
+.IP 
+This option is only available when running \fBsmbpasswd\fP as root\&.
+.IP 
+.IP "\fB-U username\fP" 
+This option may only be used in
+conjunction with the \fB-r\fP
+option\&. When changing a password on a remote machine it allows the
+user to specify the user name on that machine whose password will be
+changed\&. It is present to allow users who have different user names on
+different systems to change these passwords\&.
+.IP 
+.IP "\fB-h\fP" 
+This option prints the help string for \fBsmbpasswd\fP, 
+selecting the correct one for running as root or as an ordinary user\&.
+.IP 
+.IP "\fB-s\fP" 
+This option causes \fBsmbpasswd\fP to be silent (ie\&. not
+issue prompts) and to read it\'s old and new passwords from standard 
+input, rather than from \f(CW/dev/tty\fP (like the \fBpasswd (1)\fP program
+does)\&. This option is to aid people writing scripts to drive \fBsmbpasswd\fP
+.IP 
+dir(\fBusername\fP) This specifies the username for all of the \fIroot
+only\fP options to operate on\&. Only root can specify this parameter as
+only root has the permission needed to modify attributes directly
+in the local \fBsmbpasswd\fP file\&.
+.IP 
+.SH "NOTES" 
+.IP 
+As \fBsmbpasswd\fP works in client-server mode communicating with a
+local \fBsmbd\fP for a non-root user then the \fBsmbd\fP
+daemon must be running for this to work\&. A common problem is to add a
+restriction to the hosts that may access the \fBsmbd\fP running on the
+local machine by specifying a \fB"allow
+hosts"\fP or \fB"deny
+hosts"\fP entry in the
+\fBsmb\&.conf\fP file and neglecting to allow
+\fI"localhost"\fP access to the \fBsmbd\fP\&.
+.IP 
+In addition, the \fBsmbpasswd\fP command is only useful if \fBSamba\fP has
+been set up to use encrypted passwords\&. See the file \fBENCRYPTION\&.txt\fP
+in the docs directory for details on how to do this\&.
+.IP 
+.SH "VERSION" 
+.IP 
+This man page is correct for version 2\&.0 of the Samba suite\&.
+.IP 
+.SH "AUTHOR" 
+.IP 
+The original Samba software and related utilities were created by
+Andrew Tridgell \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&. Samba is now developed
+by the Samba Team as an Open Source project similar to the way the
+Linux kernel is developed\&.
+.IP 
+The original Samba man pages were written by Karl Auer\&. The man page
+sources were converted to YODL format (another excellent piece of Open
+Source software) and updated for the Samba2\&.0 release by Jeremy
+Allison, \fIsamba-bugs@samba\&.anu\&.edu\&.au\fP\&.
+.IP 
+See \fBsamba (7)\fP to find out how to get a full
+list of contributors and details on how to submit bug reports,
+comments etc\&.