summaryrefslogtreecommitdiff
path: root/docs/manpages/smbpasswd.8
diff options
context:
space:
mode:
Diffstat (limited to 'docs/manpages/smbpasswd.8')
-rw-r--r--docs/manpages/smbpasswd.8607
1 files changed, 300 insertions, 307 deletions
diff --git a/docs/manpages/smbpasswd.8 b/docs/manpages/smbpasswd.8
index be70fad031..3c134913a9 100644
--- a/docs/manpages/smbpasswd.8
+++ b/docs/manpages/smbpasswd.8
@@ -1,308 +1,301 @@
-.TH "smbpasswd " "8" "23 Oct 1998" "Samba" "SAMBA"
-.PP
-.SH "NAME"
+.\" This manpage has been automatically generated by docbook2man-spec
+.\" from a DocBook document. docbook2man-spec can be found at:
+.\" <http://shell.ipoline.com/~elmert/hacks/docbook2X/>
+.\" Please send any bug reports, improvements, comments, patches,
+.\" etc. to Steve Cheng <steve@ggi-project.org>.
+.TH "SMBPASSWD" "8" "22 February 2001" "" ""
+.SH NAME
smbpasswd \- change a users SMB password
-.PP
-.SH "SYNOPSIS"
-.PP
-\fBsmbpasswd\fP [-a] [-x] [-d] [-e] [-D debug level] [-n] [-r remote_machine] [-R name resolve order] [-m] [-j DOMAIN] [-U username] [-h] [-s] username
-.PP
-.SH "DESCRIPTION"
-.PP
-This program is part of the \fBSamba\fP suite\&.
-.PP
-The \fBsmbpasswd\fP program has several different functions, depending
-on whether it is run by the \fIroot\fP user or not\&. When run as a normal
-user it allows the user to change the password used for their SMB
-sessions on any machines that store SMB passwords\&.
-.PP
-By default (when run with no arguments) it will attempt to change the
-current users SMB password on the local machine\&. This is similar to
-the way the \fBpasswd (1)\fP program works\&. \fBsmbpasswd\fP differs from how
-the \fBpasswd\fP program works however in that it is not \fIsetuid root\fP
-but works in a client-server mode and communicates with a locally
-running \fBsmbd\fP\&. As a consequence in order for this
-to succeed the \fBsmbd\fP daemon must be running on
-the local machine\&. On a UNIX machine the encrypted SMB passwords are
-usually stored in the \fBsmbpasswd (5)\fP file\&.
-.PP
-When run by an ordinary user with no options\&. \fBsmbpasswd\fP will
-prompt them for their old smb password and then ask them for their new
-password twice, to ensure that the new password was typed
-correctly\&. No passwords will be echoed on the screen whilst being
-typed\&. If you have a blank smb password (specified by the string "NO
-PASSWORD" in the \fBsmbpasswd\fP file) then just
-press the <Enter> key when asked for your old password\&.
-.PP
-\fBsmbpasswd\fP can also be used by a normal user to change their SMB
-password on remote machines, such as Windows NT Primary Domain
-Controllers\&. See the (\fB-r\fP) and
-\fB-U\fP options below\&.
-.PP
-When run by root, \fBsmbpasswd\fP allows new users to be added and
-deleted in the \fBsmbpasswd\fP file, as well as
-allows changes to the attributes of the user in this file to be made\&. When
-run by root, \fBsmbpasswd\fP accesses the local
-\fBsmbpasswd\fP file directly, thus enabling
-changes to be made even if \fBsmbd\fP is not running\&.
-.PP
-.SH "OPTIONS"
-.PP
-.IP
-.IP "\fB-a\fP"
-This option specifies that the username following should
-be added to the local \fBsmbpasswd\fP file, with
-the new password typed (type <Enter> for the old password)\&. This
-option is ignored if the username following already exists in the
-\fBsmbpasswd\fP file and it is treated like a
-regular change password command\&. Note that the user to be added
-\fBmust\fP already exist in the system password file (usually /etc/passwd)
-else the request to add the user will fail\&.
-.IP
-This option is only available when running \fBsmbpasswd\fP as
-root\&.
-.IP
-.IP "\fB-x\fP"
-This option specifies that the username following should
-be deleted from the local \fBsmbpasswd\fP file\&.
-.IP
-This option is only available when running \fBsmbpasswd\fP as
-root\&.
-.IP
-.IP "\fB-d\fP"
-This option specifies that the username following should be
-\fIdisabled\fP in the local \fBsmbpasswd\fP file\&.
-This is done by writing a \fI\'D\'\fP flag into the account control space
-in the \fBsmbpasswd\fP file\&. Once this is done
-all attempts to authenticate via SMB using this username will fail\&.
-.IP
-If the \fBsmbpasswd\fP file is in the \'old\'
-format (pre-Samba 2\&.0 format) there is no space in the users password
-entry to write this information and so the user is disabled by writing
-\'X\' characters into the password space in the
-\fBsmbpasswd\fP file\&. See \fBsmbpasswd
-(5)\fP for details on the \'old\' and new password file
-formats\&.
-.IP
-This option is only available when running \fBsmbpasswd\fP as root\&.
-.IP
-.IP "\fB-e\fP"
-This option specifies that the username following should be
-\fIenabled\fP in the local \fBsmbpasswd\fP file,
-if the account was previously disabled\&. If the account was not
-disabled this option has no effect\&. Once the account is enabled
-then the user will be able to authenticate via SMB once again\&.
-.IP
-If the smbpasswd file is in the \'old\' format then \fBsmbpasswd\fP will
-prompt for a new password for this user, otherwise the account will be
-enabled by removing the \fI\'D\'\fP flag from account control space in the
-\fBsmbpasswd\fP file\&. See \fBsmbpasswd
-(5)\fP for details on the \'old\' and new password file
-formats\&.
-.IP
-This option is only available when running \fBsmbpasswd\fP as root\&.
-.IP
-.IP "\fB-D debuglevel\fP"
-debuglevel is an integer from 0
-to 10\&. The default value if this parameter is not specified is zero\&.
-.IP
-The higher this value, the more detail will be logged to the log files
-about the activities of smbpasswd\&. At level 0, only critical errors
-and serious warnings will be logged\&.
-.IP
-Levels above 1 will generate considerable amounts of log data, and
-should only be used when investigating a problem\&. Levels above 3 are
-designed for use only by developers and generate HUGE amounts of log
-data, most of which is extremely cryptic\&.
-.IP
-.IP "\fB-n\fP"
-This option specifies that the username following should
-have their password set to null (i\&.e\&. a blank password) in the local
-\fBsmbpasswd\fP file\&. This is done by writing the
-string "NO PASSWORD" as the first part of the first password stored in
-the \fBsmbpasswd\fP file\&.
-.IP
-Note that to allow users to logon to a Samba server once the password
-has been set to "NO PASSWORD" in the
-\fBsmbpasswd\fP file the administrator must set
-the following parameter in the [global] section of the
-\fBsmb\&.conf\fP file :
-.IP
-null passwords = true
-.IP
-This option is only available when running \fBsmbpasswd\fP as root\&.
-.IP
-.IP "\fB-r remote machine name\fP"
-This option allows a
-user to specify what machine they wish to change their password
-on\&. Without this parameter \fBsmbpasswd\fP defaults to the local
-host\&. The \fI"remote machine name"\fP is the NetBIOS name of the
-SMB/CIFS server to contact to attempt the password change\&. This name
-is resolved into an IP address using the standard name resolution
-mechanism in all programs of the \fBSamba\fP
-suite\&. See the \fB-R name resolve order\fP parameter for details on changing this resolving
-mechanism\&.
-.IP
-The username whose password is changed is that of the current UNIX
-logged on user\&. See the \fB-U username\fP
-parameter for details on changing the password for a different
-username\&.
-.IP
-Note that if changing a Windows NT Domain password the remote machine
-specified must be the Primary Domain Controller for the domain (Backup
-Domain Controllers only have a read-only copy of the user account
-database and will not allow the password change)\&.
-.IP
-\fINote\fP that Windows 95/98 do not have a real password database
-so it is not possible to change passwords specifying a Win95/98
-machine as remote machine target\&.
-.IP
-.IP "\fB-R name resolve order\fP"
-This option allows the user of
-smbclient to determine what name resolution services to use when
-looking up the NetBIOS name of the host being connected to\&.
-.IP
-The options are :"lmhosts", "host",
-"wins" and "bcast"\&. They cause names to be
-resolved as follows :
-.IP
-.IP
-.IP o
-\fBlmhosts\fP : Lookup an IP address in the Samba lmhosts file\&.
-.IP
-.IP o
-\fBhost\fP : Do a standard host name to IP address resolution,
-using the system /etc/hosts, NIS, or DNS lookups\&. This method of name
-resolution is operating system dependent\&. For instance on IRIX or
-Solaris, this may be controlled by the \fI/etc/nsswitch\&.conf\fP file)\&.
-.IP
-.IP o
-\fBwins\fP : Query a name with the IP address listed in the
-\fBwins server\fP parameter in the
-\fBsmb\&.conf file\fP\&. If
-no WINS server has been specified this method will be ignored\&.
-.IP
-.IP o
-\fBbcast\fP : Do a broadcast on each of the known local interfaces
-listed in the \fBinterfaces\fP parameter
-in the smb\&.conf file\&. This is the least reliable of the name resolution
-methods as it depends on the target host being on a locally connected
-subnet\&.
-.IP
-.IP
-If this parameter is not set then the name resolve order defined
-in the \fBsmb\&.conf\fP file parameter
-\fBname resolve order\fP
-will be used\&.
-.IP
-The default order is lmhosts, host, wins, bcast and without this
-parameter or any entry in the \fBsmb\&.conf\fP
-file the name resolution methods will be attempted in this order\&.
-.IP
-.IP "\fB-m\fP"
-This option tells \fBsmbpasswd\fP that the account being
-changed is a \fIMACHINE\fP account\&. Currently this is used when Samba is
-being used as an NT Primary Domain Controller\&. PDC support is not a
-supported feature in Samba2\&.0 but will become supported in a later
-release\&. If you wish to know more about using Samba as an NT PDC then
-please subscribe to the mailing list
-samba-ntdom@samba\&.org\&.
-.IP
-This option is only available when running \fBsmbpasswd\fP as root\&.
-.IP
-.IP "\fB-j DOMAIN\fP"
-This option is used to add a Samba server into a
-Windows NT Domain, as a Domain member capable of authenticating user
-accounts to any Domain Controller in the same way as a Windows NT
-Server\&. See the \fBsecurity=domain\fP
-option in the \fBsmb\&.conf (5)\fP man page\&.
-.IP
-In order to be used in this way, the Administrator for the Windows
-NT Domain must have used the program \fI"Server Manager for Domains"\fP
-to add the primary NetBIOS name of
-the Samba server as a member of the Domain\&.
-.IP
-After this has been done, to join the Domain invoke \fBsmbpasswd\fP with
-this parameter\&. \fBsmbpasswd\fP will then look up the Primary Domain
-Controller for the Domain (found in the
-\fBsmb\&.conf\fP file in the parameter
-\fBpassword server\fP and change
-the machine account password used to create the secure Domain
-communication\&. This password is then stored by \fBsmbpasswd\fP in a
-file, read only by root, called \f(CW<Domain>\&.<Machine>\&.mac\fP where
-\f(CW<Domain>\fP is the name of the Domain we are joining and \f(CW<Machine>\fP
-is the primary NetBIOS name of the machine we are running on\&.
-.IP
-Once this operation has been performed the
-\fBsmb\&.conf\fP file may be updated to set the
-\fBsecurity=domain\fP option and all
-future logins to the Samba server will be authenticated to the Windows
-NT PDC\&.
-.IP
-Note that even though the authentication is being done to the PDC all
-users accessing the Samba server must still have a valid UNIX account
-on that machine\&.
-.IP
-This option is only available when running \fBsmbpasswd\fP as root\&.
-.IP
-.IP "\fB-U username\fP"
-This option may only be used in
-conjunction with the \fB-r\fP
-option\&. When changing a password on a remote machine it allows the
-user to specify the user name on that machine whose password will be
-changed\&. It is present to allow users who have different user names on
-different systems to change these passwords\&.
-.IP
-.IP "\fB-h\fP"
-This option prints the help string for \fBsmbpasswd\fP,
-selecting the correct one for running as root or as an ordinary user\&.
-.IP
-.IP "\fB-s\fP"
-This option causes \fBsmbpasswd\fP to be silent (i\&.e\&. not
-issue prompts) and to read it\'s old and new passwords from standard
-input, rather than from \f(CW/dev/tty\fP (like the \fBpasswd (1)\fP program
-does)\&. This option is to aid people writing scripts to drive \fBsmbpasswd\fP
-.IP
-.IP "\fBusername\fP"
-This specifies the username for all of the \fIroot
-only\fP options to operate on\&. Only root can specify this parameter as
-only root has the permission needed to modify attributes directly
-in the local \fBsmbpasswd\fP file\&.
-.IP
-.SH "NOTES"
-.IP
-Since \fBsmbpasswd\fP works in client-server mode communicating with a
-local \fBsmbd\fP for a non-root user then the \fBsmbd\fP
-daemon must be running for this to work\&. A common problem is to add a
-restriction to the hosts that may access the \fBsmbd\fP running on the
-local machine by specifying a \fB"allow
-hosts"\fP or \fB"deny
-hosts"\fP entry in the
-\fBsmb\&.conf\fP file and neglecting to allow
-\fI"localhost"\fP access to the \fBsmbd\fP\&.
-.IP
-In addition, the \fBsmbpasswd\fP command is only useful if \fBSamba\fP has
-been set up to use encrypted passwords\&. See the file \fBENCRYPTION\&.txt\fP
-in the docs directory for details on how to do this\&.
-.IP
-.SH "VERSION"
-.IP
-This man page is correct for version 2\&.0 of the Samba suite\&.
-.IP
-.SH "AUTHOR"
-.IP
-The original Samba software and related utilities were created by
-Andrew Tridgell samba@samba\&.org\&. Samba is now developed
-by the Samba Team as an Open Source project similar to the way the
-Linux kernel is developed\&.
-.IP
-The original Samba man pages were written by Karl Auer\&. The man page
-sources were converted to YODL format (another excellent piece of Open
-Source software, available at
-\fBftp://ftp\&.icce\&.rug\&.nl/pub/unix/\fP)
-and updated for the Samba2\&.0 release by Jeremy Allison\&.
-samba@samba\&.org\&.
-.IP
-See \fBsamba (7)\fP to find out how to get a full
-list of contributors and details on how to submit bug reports,
-comments etc\&.
+.SH SYNOPSIS
+.sp
+\fBsmbpasswd\fR [ \fB-a\fR ] [ \fB-x\fR ] [ \fB-d\fR ] [ \fB-e\fR ] [ \fB-D debuglevel\fR ] [ \fB-n\fR ] [ \fB-r <remote machine>\fR ] [ \fB-R <name resolve order>\fR ] [ \fB-m\fR ] [ \fB-j DOMAIN\fR ] [ \fB-U username\fR ] [ \fB-h\fR ] [ \fB-s\fR ] [ \fBusername\fR ]
+.SH "DESCRIPTION"
+.PP
+This tool is part of the Samba <URL:samba.7.html> suite.
+.PP
+The smbpasswd program has several different
+functions, depending on whether it is run by the \fBroot\fR
+user or not. When run as a normal user it allows the user to change
+the password used for their SMB sessions on any machines that store
+SMB passwords.
+.PP
+By default (when run with no arguments) it will attempt to
+change the current users SMB password on the local machine. This is
+similar to the way the \fBpasswd(1)\fR program works.
+\fBsmbpasswd\fR differs from how the passwd program works
+however in that it is not \fBsetuid root\fR but works in
+a client-server mode and communicates with a locally running
+\fBsmbd(8)\fR. As a consequence in order for this to
+succeed the smbd daemon must be running on the local machine. On a
+UNIX machine the encrypted SMB passwords are usually stored in
+the \fIsmbpasswd(5)\fR file.
+.PP
+When run by an ordinary user with no options. smbpasswd
+will prompt them for their old smb password and then ask them
+for their new password twice, to ensure that the new password
+was typed correctly. No passwords will be echoed on the screen
+whilst being typed. If you have a blank smb password (specified by
+the string "NO PASSWORD" in the smbpasswd file) then just press
+the <Enter> key when asked for your old password.
+.PP
+smbpasswd can also be used by a normal user to change their
+SMB password on remote machines, such as Windows NT Primary Domain
+Controllers. See the (-r) and -U options below.
+.PP
+When run by root, smbpasswd allows new users to be added
+and deleted in the smbpasswd file, as well as allows changes to
+the attributes of the user in this file to be made. When run by root,
+\fBsmbpasswd\fR accesses the local smbpasswd file
+directly, thus enabling changes to be made even if smbd is not
+running.
+.SH "OPTIONS"
+.TP
+\fB-a\fR
+This option specifies that the username
+following should be added to the local smbpasswd file, with the
+new password typed (type <Enter> for the old password). This
+option is ignored if the username following already exists in
+the smbpasswd file and it is treated like a regular change
+password command. Note that the user to be added must already exist
+in the system password file (usually \fI/etc/passwd\fR)
+else the request to add the user will fail.
+
+This option is only available when running smbpasswd
+as root.
+.TP
+\fB-x\fR
+This option specifies that the username
+following should be deleted from the local smbpasswd file.
+
+This option is only available when running smbpasswd as
+root.
+.TP
+\fB-d\fR
+This option specifies that the username following
+should be disabled in the local smbpasswd
+file. This is done by writing a 'D' flag
+into the account control space in the smbpasswd file. Once this
+is done all attempts to authenticate via SMB using this username
+will fail.
+
+If the smbpasswd file is in the 'old' format (pre-Samba 2.0
+format) there is no space in the users password entry to write
+this information and so the user is disabled by writing 'X' characters
+into the password space in the smbpasswd file. See \fBsmbpasswd(5)
+\fRfor details on the 'old' and new password file formats.
+
+This option is only available when running smbpasswd as
+root.
+.TP
+\fB-e\fR
+This option specifies that the username following
+should be enabled in the local smbpasswd file,
+if the account was previously disabled. If the account was not
+disabled this option has no effect. Once the account is enabled then
+the user will be able to authenticate via SMB once again.
+
+If the smbpasswd file is in the 'old' format, then \fB smbpasswd\fR will prompt for a new password for this user,
+otherwise the account will be enabled by removing the 'D'
+flag from account control space in the \fI smbpasswd\fR file. See \fBsmbpasswd (5)\fR for
+details on the 'old' and new password file formats.
+
+This option is only available when running smbpasswd as root.
+.TP
+\fB-D debuglevel\fR
+\fIdebuglevel\fR is an integer
+from 0 to 10. The default value if this parameter is not specified
+is zero.
+
+The higher this value, the more detail will be logged to the
+log files about the activities of smbpasswd. At level 0, only
+critical errors and serious warnings will be logged.
+
+Levels above 1 will generate considerable amounts of log
+data, and should only be used when investigating a problem. Levels
+above 3 are designed for use only by developers and generate
+HUGE amounts of log data, most of which is extremely cryptic.
+.TP
+\fB-n\fR
+This option specifies that the username following
+should have their password set to null (i.e. a blank password) in
+the local smbpasswd file. This is done by writing the string "NO
+PASSWORD" as the first part of the first password stored in the
+smbpasswd file.
+
+Note that to allow users to logon to a Samba server once
+the password has been set to "NO PASSWORD" in the smbpasswd
+file the administrator must set the following parameter in the [global]
+section of the \fIsmb.conf\fR file :
+
+\fBnull passwords = yes\fR
+
+This option is only available when running smbpasswd as
+root.
+.TP
+\fB-r remote machine name\fR
+This option allows a user to specify what machine
+they wish to change their password on. Without this parameter
+smbpasswd defaults to the local host. The \fIremote
+machine name\fR is the NetBIOS name of the SMB/CIFS
+server to contact to attempt the password change. This name is
+resolved into an IP address using the standard name resolution
+mechanism in all programs of the Samba suite. See the \fI-R
+name resolve order\fR parameter for details on changing
+this resolving mechanism.
+
+The username whose password is changed is that of the
+current UNIX logged on user. See the \fI-U username\fR
+parameter for details on changing the password for a different
+username.
+
+Note that if changing a Windows NT Domain password the
+remote machine specified must be the Primary Domain Controller for
+the domain (Backup Domain Controllers only have a read-only
+copy of the user account database and will not allow the password
+change).
+
+\fBNote\fR that Windows 95/98 do not have
+a real password database so it is not possible to change passwords
+specifying a Win95/98 machine as remote machine target.
+.TP
+\fB-R name resolve order\fR
+This option allows the user of smbclient to determine
+what name resolution services to use when looking up the NetBIOS
+name of the host being connected to.
+
+The options are :"lmhosts", "host", "wins" and "bcast". They cause
+names to be resolved as follows :
+.RS
+.TP 0.2i
+\(bu
+lmhosts : Lookup an IP
+address in the Samba lmhosts file. If the line in lmhosts has
+no name type attached to the NetBIOS name (see the lmhosts(5) <URL:lmhosts.5.html> for details) then
+any name type matches for lookup.
+.TP 0.2i
+\(bu
+host : Do a standard host
+name to IP address resolution, using the system \fI/etc/hosts
+\fR, NIS, or DNS lookups. This method of name resolution
+is operating system depended for instance on IRIX or Solaris this
+may be controlled by the \fI/etc/nsswitch.conf\fR
+file). Note that this method is only used if the NetBIOS name
+type being queried is the 0x20 (server) name type, otherwise
+it is ignored.
+.TP 0.2i
+\(bu
+wins : Query a name with
+the IP address listed in the \fIwins server\fR
+parameter. If no WINS server has been specified this method
+will be ignored.
+.TP 0.2i
+\(bu
+bcast : Do a broadcast on
+each of the known local interfaces listed in the
+\fIinterfaces\fR parameter. This is the least
+reliable of the name resolution methods as it depends on the
+target host being on a locally connected subnet.
+.RE
+.PP
+The default order is \fBlmhosts, host, wins, bcast\fR
+and without this parameter or any entry in the
+\fIsmb.conf\fR file the name resolution methods will
+be attempted in this order.
+.PP
+.TP
+\fB-m\fR
+This option tells smbpasswd that the account
+being changed is a MACHINE account. Currently this is used
+when Samba is being used as an NT Primary Domain Controller.
+
+This option is only available when running smbpasswd as root.
+.TP
+\fB-j DOMAIN\fR
+This option is used to add a Samba server
+into a Windows NT Domain, as a Domain member capable of authenticating
+user accounts to any Domain Controller in the same way as a Windows
+NT Server. See the \fBsecurity = domain\fR option in
+the \fIsmb.conf(5)\fR man page.
+
+In order to be used in this way, the Administrator for
+the Windows NT Domain must have used the program "Server Manager
+for Domains" to add the primary NetBIOS name of the Samba server
+as a member of the Domain.
+
+After this has been done, to join the Domain invoke \fB smbpasswd\fR with this parameter. smbpasswd will then
+look up the Primary Domain Controller for the Domain (found in
+the \fIsmb.conf\fR file in the parameter
+\fIpassword server\fR and change the machine account
+password used to create the secure Domain communication. This
+password is then stored by smbpasswd in a TDB, writeable only by root,
+called \fIsecrets.tdb\fR
+
+Once this operation has been performed the \fI smb.conf\fR file may be updated to set the \fB security = domain\fR option and all future logins
+to the Samba server will be authenticated to the Windows NT
+PDC.
+
+Note that even though the authentication is being
+done to the PDC all users accessing the Samba server must still
+have a valid UNIX account on that machine.
+
+This option is only available when running smbpasswd as root.
+.TP
+\fB-U username\fR
+This option may only be used in conjunction
+with the \fI-r\fR option. When changing
+a password on a remote machine it allows the user to specify
+the user name on that machine whose password will be changed. It
+is present to allow users who have different user names on
+different systems to change these passwords.
+.TP
+\fB-h\fR
+This option prints the help string for \fB smbpasswd\fR, selecting the correct one for running as root
+or as an ordinary user.
+.TP
+\fB-s\fR
+This option causes smbpasswd to be silent (i.e.
+not issue prompts) and to read it's old and new passwords from
+standard input, rather than from \fI/dev/tty\fR
+(like the \fBpasswd(1)\fR program does). This option
+is to aid people writing scripts to drive smbpasswd
+.TP
+\fBusername\fR
+This specifies the username for all of the
+\fBroot only\fR options to operate on. Only root
+can specify this parameter as only root has the permission needed
+to modify attributes directly in the local smbpasswd file.
+.SH "NOTES"
+.PP
+Since \fBsmbpasswd\fR works in client-server
+mode communicating with a local smbd for a non-root user then
+the smbd daemon must be running for this to work. A common problem
+is to add a restriction to the hosts that may access the \fB smbd\fR running on the local machine by specifying a
+\fIallow hosts\fR or \fIdeny hosts\fR
+entry in the \fIsmb.conf\fR file and neglecting to
+allow "localhost" access to the smbd.
+.PP
+In addition, the smbpasswd command is only useful if Samba
+has been set up to use encrypted passwords. See the file
+\fIENCRYPTION.txt\fR in the docs directory for details
+on how to do this.
+.SH "VERSION"
+.PP
+This man page is correct for version 2.2 of
+the Samba suite.
+.SH "SEE ALSO"
+.PP
+\fIsmbpasswd(5)\fR <URL:smbpasswd.5.html>,
+samba(7) <URL:samba.7.html>
+.SH "AUTHOR"
+.PP
+The original Samba software and related utilities
+were created by Andrew Tridgell. Samba is now developed
+by the Samba Team as an Open Source project similar
+to the way the Linux kernel is developed.
+.PP
+The original Samba man pages were written by Karl Auer.
+The man page sources were converted to YODL format (another
+excellent piece of Open Source software, available at
+ftp://ftp.icce.rug.nl/pub/unix/ <URL:ftp://ftp.icce.rug.nl/pub/unix/>) and updated for the Samba 2.0
+release by Jeremy Allison. The conversion to DocBook for
+Samba 2.2 was done by Gerald Carter