summaryrefslogtreecommitdiff
path: root/docs/smbdotconf/security/renameuserscript.xml
blob: 1ec1dcb6eb1b176720f338a0d93781810f8bde38 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
<samba:parameter name="rename user script"
                 context="G"
                 advanced="1" developer="1"
				 type="boolean"
				 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
    <para>
	This is the full pathname to a script that will be run as root by <citerefentry><refentrytitle>smbd</refentrytitle>
	<manvolnum>8</manvolnum></citerefentry> under special circumstances described below.
	</para>

	<para>
	When a user with admin authority or SeAddUserPrivilege rights renames a user (e.g.: from the NT4 User Manager
	for Domains), this script will be run to rename the POSIX user.  Two variables, <literal>%uold</literal> and
	<literal>%unew</literal>, will be substituted with the old and new usernames, respectively.  The script should
	return 0 upon successful completion, and nonzero otherwise.
	</para>

	<note><para>
	The script has all responsibility to rename all the necessary data that is accessible in this posix method.
	This can mean different requirements for different backends.  The tdbsam and smbpasswd backends will take care
	of the contents of their respective files, so the script is responsible only for changing the POSIX username, and
	other data that may required for your circumstances, such as home directory.  Please also consider whether or
	not you need to rename the actual home directories themselves.  The ldapsam backend will not make any changes,
	because of the potential issues with renaming the LDAP naming attribute.  In this case the script is
	responsible for changing the attribute that samba uses (uid) for locating users, as well as any data that
	needs to change for other applications using the same directory.
	</para></note>

</description>

<value type="default">no</value>
</samba:parameter>