HP CIFS Server Administrator Guide Version A.03.01.03 (5900-2006, October 2011)
Table Of Contents
- HP CIFS Server Administrator Guide Version A.03.01.03
- Contents
- About this document
- 1 Introduction to the HP CIFS Server
- 2 Installing and configuring HP CIFS Server
- HP CIFS Server requirements and limitations
- Step 1: Installing HP CIFS Server software
- Step 2: Running the configuration script
- Step 3: Modify the configuration
- Step 4: Starting HP CIFS Server
- Other Samba configuration issues
- 3 Managing HP-UX file access permissions from Windows NT/XP/2000/Vista/Windows 7
- Introduction
- UNIX file permissions and POSIX ACLs
- Using the Windows NT Explorer GUI to create ACLs
- Using the Windows Vista Explorer GUI to create ACLs
- POSIX ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- HP CIFS Server Directory ACLs and Windows 2000, Windows XP, Windows Vista, and Windows 7 clients
- In conclusion
- 4 Windows style domains
- Introduction
- Configure HP CIFS Server as a PDC
- Configure HP CIFS Server as a BDC
- Domain member server
- Create the Machine Trust Accounts
- Configure domain users
- Join a Windows client to a Samba domain
- Roaming profiles
- Configuring user logon scripts
- Home drive mapping support
- Trust relationships
- 5 Windows 2003 and Windows 2008 domains
- 6 LDAP integration support
- Overview
- Network environments
- Summary of installing and configuring
- Installing and configuring your Directory Server
- Installing LDAP-UX Client Services on an HP CIFS Server
- Configuring the LDAP-UX Client Services
- Enabling Secure Sockets Layer (SSL)
- Extending the Samba subschema into your Directory Server
- Migrating your data to the Directory Server
- Configuring the HP CIFS Server
- Creating Samba users in directory
- Management tools
- 7 Winbind support
- 8 Kerberos support
- 9 HP CIFS deployment models
- Introduction
- Samba Domain Model
- Windows Domain Model
- Unified Domain Model
- 10 Securing HP CIFS Server
- 11 Configuring HA HP CIFS
- 12 HP-UX configuration for HP CIFS
- 13 Tool reference
- Glossary
- Index
13 Tool reference
This chapter describes tools for management of Samba user, group account database. It includes
the following topics:
• “HP CIFS management tools” (page 158)
• “LDAP directory management tools” (page 168)
HP CIFS management tools
Several HP CIFS Server tools are available for management of CIFS user data stored in the
smbpasswd file or in Netscape/Red Hat Directory Server database. This section documents the
following user management tools:
smbpasswd Tool for management of the Samba encrypted password database.
syncsmbpasswd Tool for Synchronizing the HP CIFS Samba users with the UNIX or POSIX
users.
pdbedit Tool for management of the SAM database (Database of Samba Users).
net Tool for administration of Samba and remote CIFS servers.
wbinfo Tool for querying information from the winbind daemon.
These management tools are available in the /opt/samba/bin directory.
Smbpasswd
This tool is used to manage a users' SMB password that is stored in the Samba encrypted password
file, smbpasswd, or in the LDAP directory server. The Samba password database contains the
user name, UNIX user id and the SMB hashed passwords of the user, as well as account flag
information and the time the password was last changed.
The smbpasswd program has several different functions, depending on whether it is run by the
root user or not. When run by a normal user, it allows the user to change the password used for
their SMB sessions on any machine that store SMB passwords. When you run it as a root user, it
allows you to add or delete user accounts, and to change the attributes of the user accounts in the
SMB password database.
Use smbpasswd to perform the following operations:
• Add user or machine accounts.
• Delete user or machine accounts.
• Enable user or machine accounts.
• Disable user or machine accounts.
• Set user passwords to NULL.
• Manage inter-domain trust accounts.
For detailed information on the smbpasswd command, refer to the smbpasswd man page, SWAT
or The Official Samba HOWTO and Reference Guide.
The smbpasswd tool performs its operations on the data store specified by the passdb backend
parameter in the smb.conf file. If a LDAP directory is to be used, then this parameter is set to
ldapsam:ldap://<LDAP server name>. If a Samba password file, smbpasswd, is used,
this parameter is set to smbpasswd.
If you manage user accounts in an LDAP directory server, an existing POSIX user must already
exist in the LDAP directory before you run the smbpasswd -a command to add the corresponding
Samba user and its sambaSamAccount information required for HP CIFS Server user authentication.
158 Tool reference