diff options
Diffstat (limited to 'docs/yodldocs')
-rw-r--r-- | docs/yodldocs/smbpasswd.5.yo | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/docs/yodldocs/smbpasswd.5.yo b/docs/yodldocs/smbpasswd.5.yo index 2466b826b9..692bbfe0e9 100644 --- a/docs/yodldocs/smbpasswd.5.yo +++ b/docs/yodldocs/smbpasswd.5.yo @@ -95,8 +95,90 @@ dit(bf(NT Password Hash)) nl() nl() bf(smbpasswd) file itself must be set to be read/write only by root, with no other access. +label(AccountFlags) +dit(bf(Account Flags)) nl() nl() + + This section contains flags that describe the attributes of the users + account. In the bf(Samba2.0) release this field is bracketed by tt('[') + and tt(']') characters and is always 13 characters in length (including + the tt('[') and tt(']') characters). The contents of this field may be + any of the characters. + + startit() + + label(capU) + it() bf('U') This means this is a em("User") account, ie. an ordinary + user. Only bf(User) and link(bf(Worskstation Trust))(capW) accounts are + currently supported in the bf(smbpasswd) file. + + label(capN) + it() bf('N') This means the account has em(no) password (the passwords + in the fields link(bf(Lanman Password Hash))(LanmanPasswordHash) and + link(bf(NT Password Hash))(NTPasswordHash) are ignored). Note that this + will only allow users to log on with no password if the + url(bf(null passwords))(smb.conf.5.html#nullpasswords) parameter is set + in the url(bf(smb.conf (5)))(smb.conf.5.html) config file. + + label(capD) + it() bf('D') This means the account is diabled and no SMB/CIFS logins + will be allowed for this user. + + label(capW) + it() bf('W') This means this account is a em("Workstation Trust") account. + This kind of account is used in the Samba PDC code stream to allow Windows + NT Workstations and Servers to join a Domain hosted by a Samba PDC. + + endit() + + Other flags may be added as the code is extended in future. The rest of + this field space is filled in with spaces. + +label(LastChangeTime) +dit(bf(Last Change Time)) nl() nl() + + This field consists of the time the account was last modified. It consists of + the characters tt(LCT-) (standing for em("Last Change Time")) followed by a numeric + encoding of the UNIX time in seconds since the epoch (1970) that the last change + was made. + +dit(bf(Following fields)) nl() nl() + + All other colon separated fields are ignored at this time. + enddit() +label(NOTES) +manpagesection(NOTES) + +In previous versions of Samba (notably the 1.9.18 series) this file +did not contain the link(bf(Account Flags))(AccountFlags) or +link(bf(Last Change Time))(LastChangeTime) fields. The Samba 2.0 +code will read and write these older password files but will not be able to +modify the old entries to add the new fields. New entries added with +url(bf(smbpasswd (8)))(smbpasswd.8.html) will contain the new fields +in the added accounts however. Thus an older bf(smbpasswd) file used +with Samba 2.0 may end up with some accounts containing the new fields +and some not. + +In order to convert from an old-style bf(smbpasswd) file to a new +style, run the script bf(convert_smbpasswd), installed in the +Samba tt(bin/) directory (the same place that the url(bf(smbd))(smbd.8.html) +and url(bf(nmbd))(nmbd.8.html) binaries are installed) as follows: + +verb( + + cat old_smbpasswd_file | convert_smbpasswd > new_smbpasswd_file + +) + +The bf(convert_smbpasswd) script reads from stdin and writes to stdout +so as not to overwrite any files by accident. + +Once this script has been run, check the contents of the new smbpasswd +file to ensure that it has not been damaged by the conversion script +(which uses bf(awk)), and then replace the tt(<old smbpasswd file>) +with the tt(<new smbpasswd file>). + label(VERSION) manpagesection(VERSION) |